www.ukr.net Open in urlscan Pro
2606:4700::6812:980 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ukr.net/
Submission: On October 03 via manual (October 3rd 2023, 11:22:06 am UTC) from UA — Scanned from DE

Summary HTTP 180 Redirects Links 284 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 27 domains to perform 180 HTTP transactions. The main IP is 2606:4700::6812:980, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 206503.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 7th 2023. Valid for: a year.

This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700::68... 2606:4700::6812:980	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700::68... 2606:4700::6812:409	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.8.128 104.18.8.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 8	212.42.75.253 212.42.75.253	8856 (UKRNET Kiev) (UKRNET Kiev)
2 2	212.42.75.249 212.42.75.249	8856 (UKRNET Kiev) (UKRNET Kiev)
4	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
1 2	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
4	212.42.73.60 212.42.73.60	8856 (UKRNET Kiev) (UKRNET Kiev)
1	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	212.42.76.151 212.42.76.151	8856 (UKRNET Kiev) (UKRNET Kiev)
5	2a0c:5c87:523... 2a0c:5c87:5239::2	55081 (24SHELLS) (24SHELLS)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	54.204.169.109 54.204.169.109	14618 (AMAZON-AES) (AMAZON-AES)
1 1	157.245.23.44 157.245.23.44	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1 33	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:401... 2607:f8b0:4012:814::2003	15169 (GOOGLE) (GOOGLE)
180	40

8 2606:4700::6812:980 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6812:409 (United States)

ASN13335 (CLOUDFLARENET, US)

upst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.128 (None, )

ASN13335 (CLOUDFLARENET, US)

zakladki.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.75.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com

accounts.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.75.249 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com

mail.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com

pinformer.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zfctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.169.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-169-109.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.23.44 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

bid.adsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4012:814::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 1 redirects 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	387 KB
25	fwdcdn.com upst.fwdcdn.com — Cisco Umbrella Rank: 205666	388 KB
23	ukr.net 3 redirects www.ukr.net — Cisco Umbrella Rank: 206503 zakladki.ukr.net — Cisco Umbrella Rank: 856548 accounts.ukr.net — Cisco Umbrella Rank: 190391 mail.ukr.net — Cisco Umbrella Rank: 111671 counter.ukr.net — Cisco Umbrella Rank: 157144	152 KB
15	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	316 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	149 KB
11	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 8872 ghb.adtelligent.com — Cisco Umbrella Rank: 7086 sync.adtelligent.com — Cisco Umbrella Rank: 4457	198 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	219 KB
8	sinoptik.ua pinformer.sinoptik.ua — Cisco Umbrella Rank: 200435	47 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178
4	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 34224	8 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 640 mug.criteo.com — Cisco Umbrella Rank: 1822	7 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	118 KB
2	trafmag.com trafmag.com — Cisco Umbrella Rank: 41677 t.trafmag.com — Cisco Umbrella Rank: 48277	4 KB
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 12994	1 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 62293	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	152 KB
1	adsinteractive.com 1 redirects bid.adsinteractive.com — Cisco Umbrella Rank: 67689	389 B
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 4554
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 1012	277 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	14 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3974	408 B
1	zfctrack.net s.zfctrack.net — Cisco Umbrella Rank: 210783	450 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 812892	169 B
1	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 273249	713 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1476	7 KB
180	27

	Domain	Requested by
33	tpc.googlesyndication.com	1 redirects 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com www.ukr.net www.gstatic.com tpc.googlesyndication.com cdn.ampproject.org securepubads.g.doubleclick.net
25	upst.fwdcdn.com	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua
13	securepubads.g.doubleclick.net	2 redirects www.ukr.net securepubads.g.doubleclick.net 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	www.ukr.net 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
10	cdn.ampproject.org	9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
8	pinformer.sinoptik.ua	www.ukr.net pinformer.sinoptik.ua
8	accounts.ukr.net	1 redirects upst.fwdcdn.com www.ukr.net accounts.ukr.net
8	www.ukr.net	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua static.cloudflareinsights.com
5	csi.gstatic.com	securepubads.g.doubleclick.net cdn.ampproject.org
5	www.gstatic.com	9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com www.ukr.net
5	9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
4	www.googleadservices.com	www.ukr.net
4	fonts.gstatic.com	fonts.googleapis.com
4	counter.ukr.net	www.ukr.net counter.ukr.net
4	go.rcvlink.com	www.ukr.net go.rcvlink.com
3	fonts.googleapis.com	9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com tpc.googlesyndication.com
3	sync.adtelligent.com	1 redirects www.ukr.net
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com www.ukr.net
2	gum.criteo.com	1 redirects static.criteo.net
2	a4p.adpartner.pro	1 redirects upst.fwdcdn.com
2	mail.ukr.net	2 redirects
2	player.adtcdn.com	www.ukr.net
2	www.googletagmanager.com	www.ukr.net www.googletagmanager.com
1	googleads.g.doubleclick.net	9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
1	mug.criteo.com	www.ukr.net
1	bid.adsinteractive.com	1 redirects
1	cookies.nextmillmedia.com	www.ukr.net
1	t.trafmag.com	www.ukr.net
1	ap.lijit.com	www.ukr.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	www.google.de	www.ukr.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s.zfctrack.net	www.ukr.net
1	loadercdn.net	www.ukr.net
1	trafmag.com	upst.fwdcdn.com
1	m.mixadvert.com	upst.fwdcdn.com
1	static.cloudflareinsights.com	www.ukr.net
1	zakladki.ukr.net	www.ukr.net
180	42

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
rozetka.com.ua
proizd.ua
robota.ua
rst.ua
avtoprod.ua
avtosale.ua
osago.avtosale.ua
goroshina.ua
iron-master.com.ua
www.otpusk.ua
www.accordtour.com
gorod-plitki.com.ua
dom.ria.com
lun.ua
flatfy.ua
casada.ua
med-mebli.com.ua
med-magazin.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
goodmax.com.ua
luxchrono.com.ua
artpotolok.kiev.ua
lascala.ua
work.ua
optima.school
layboard.com
grc.ua
optima.study
cutt.ly
buketland.ua
flowers.ua
hvosting.ua
nic.ua
rx-name.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
mixadvert.com
m.mixadvert.com
kinoafisha.ua
www.slovoidilo.ua
www.rbc.ua
bukvy.org
censor.net
ukrayina.pl
24tv.ua
tsn.ua
espreso.tv
rubryka.com
ua.news
www.eurointegration.com.ua
borgexpert.com
novyny.live
agravery.com
banki.ua
sprotyv.info
zaxid.net
www.infopotik.com.ua
lenta.ua
trueua.info
meta.ua
focus.ua
tykyiv.com
navkolo.news
apostrophe.ua
mykyivregion.com.ua
nashkiev.ua
ilenta.com
prostomob.com
toneto.net
flot2017.com
zn.ua
speka.media
nauka.ua
newsyou.info
detector.media
www.autocentre.ua
autogid.pro
www.avtomir.ua
ua.tribuna.com
prsport.net
sport24.ua
xsport.ua
medpravda.ua
ua-novosti.info
u-news.com.ua
novosti24.kyiv.ua
womanlife.kyiv.ua
wona.com.ua
glamour.kyiv.ua
minprom.ua
pravdatutnews.com
useti.org.ua
news24.in.ua
tabloid.pravda.com.ua
nv.ua
www.armyfm.com.ua
ukranews.com
kino.24tv.ua
telegraf.com.ua
smachnonews.24tv.ua
pixelinform.com
prostoway.com
hochu.ua
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
avtoapteka.net.ua
autoshini.com
transshina.com.ua
ukrguma.com.ua
kiaparts.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
www.aks.ua
sotnyk.net
helplist.io
www.facebook.com
dovidka.info
prava-veteraniv.com
savelife.in.ua
shelter.dopomagai.org
bank.gov.ua
sprotyv.mod.gov.ua
klubnatura.pl
life.pravda.com.ua
www.immobilienscout24.de
chytomo.com
zib.com.ua
www.bamf.de
www.ukrainetakeshelter.com
vogue.ua
life.nv.ua
t.me
upst.fwdcdn.com
trafmag.com
adline.kiev.ua
mail.ukr.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
fwdcdn.com Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
adtcdn.com GTS CA 1P5	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.ukr.net Thawte TLS RSA CA G1	`2023-04-29` - `2024-03-29`	a year	crt.sh
*.rcvlink.com Thawte TLS RSA CA G1	`2023-09-19` - `2024-10-02`	a year	crt.sh
adpartner.pro R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
m.mixadvert.com R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-13` - `2024-06-13`	a year	crt.sh
loadercdn.net R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
player.adtelligent.com R3	`2023-09-16` - `2023-12-15`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-29` - `2023-12-28`	3 months	crt.sh
s.zfctrack.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-17` - `2024-08-17`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.ukr.net/
Frame ID: D6B081B244C5B7E5D2FC64AF339E26A1
Requests: 72 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: DB07C9200D27BED4F54BA6CCBA52ACAD
Requests: 6 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 2DBCF4A764DF360BD670B9683D052805
Requests: 4 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
Frame ID: B7F1BF79D6A6FCCFB032E08D1983F03E
Requests: 13 HTTP requests in this frame

Frame: https://s.zfctrack.net/z
Frame ID: F0C3505E7B40346A127E428CE56F5882
Requests: 1 HTTP requests in this frame

Frame: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8A00F213FF9CFFE2900E710D6EBCBD00
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Frame ID: A3DAD882948940A4AA2F2A6AC044A40C
Requests: 2 HTTP requests in this frame

Frame: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2975941A89C5E5CA77293DC112C2BD38
Requests: 19 HTTP requests in this frame

Frame: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C04C851356AE0548F9C6C0FDE7B017D8
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019
Frame ID: 57E5D2BE126ED054FD87B74C27734640
Requests: 14 HTTP requests in this frame

Frame: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E88E78A185555F6E1ED4E2775F76C3C
Requests: 17 HTTP requests in this frame

Frame: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F151E09FBEC42AC9D2572DA66EEEB2BE
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html
Frame ID: 6414310BE52CB5E6808705E5B6221546
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: 24E620BACCA6BAAC1B8DC3CCBDD9768A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: 6AEDD83AF666CD039B76725E8E35620E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DD74146133A85FF2673423624D586E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E63411344547880BFC4546CD6909FA47
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

180
Requests

96 %
HTTPS

54 %
IPv6

27
Domains

42
Subdomains

40
IPs

8
Countries

2171 kB
Transfer

6277 kB
Size

34
Cookies

284 Outgoing links

These are links going to different origins than the main page.

URL: http://ua.sinoptik.ua/?utm_source=ukr.net&utm_medium=main_page&utm_campaign=main_izbrannoe
Title: Sinoptik

Search URL Search Domain Scan URL

URL: http://orakul.com/
Title: Оракул

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=375206
Title: Booking

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukr_net_main&utm_medium=banner_logo&utm_campaign=logo_main
Title: Rozetka

Search URL Search Domain Scan URL

URL: https://proizd.ua/
Title: Proizd.ua

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpm&utm_campaign=logo
Title: Robota.ua

Search URL Search Domain Scan URL

URL: http://rst.ua/
Title: Машини продають на сайтi RST

Search URL Search Domain Scan URL

URL: https://avtoprod.ua/
Title: Продати авто на AVTOPROD.ua

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/
Title: Avtosale - автосалони України

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/insurance/osago
Title: Придбати автоцивілку

Search URL Search Domain Scan URL

URL: https://goroshina.ua/
Title: Шинний центр ГороШина

Search URL Search Domain Scan URL

URL: https://iron-master.com.ua/ru/glavnaya/
Title: Пофарбувати авто -15% знижка

Search URL Search Domain Scan URL

URL: http://www.otpusk.ua/?utm_source=ukr.net&utm_medium=cpc&utm_content=general&utm_campaign=ukr.net
Title: 100% турів на Otpusk.ua

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/tur_bude
Title: Гарантовані автобусні тури

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=338493
Title: Booking - бронювання житла

Search URL Search Domain Scan URL

URL: https://gorod-plitki.com.ua/ua/
Title: Магазин "Місто плитки" м. Київ

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/novostroyki/?withoutHeader=1&utm_source=ukrnet&utm_medium=clikukrnet_newbuilds&utm_campaign=newbuildings&r_audience=partners_buyers&r_source=ukr.net&r_medium=link&r_campaign=clikukrnet
Title: DOM.RIA - новобудови України

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН - Всі новобудови

Search URL Search Domain Scan URL

URL: https://flatfy.ua/
Title: FLATFY - Квартири шукай

Search URL Search Domain Scan URL

URL: https://casada.ua/massazhnye-kresla-uk
Title: Масажні крісла Casada

Search URL Search Domain Scan URL

URL: https://med-mebli.com.ua/
Title: Медичні меблі і обладнання

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmedtovary
Title: Медичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3idlh7f
Title: Ортопедичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3nKOLeo
Title: Пульсоксиметри

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmainpage&utm_campaign=medmag
Title: Товари для здоров'я

Search URL Search Domain Scan URL

URL: http://doctoronline.care/
Title: Безкоштовні консультації лікарів

Search URL Search Domain Scan URL

URL: https://viveohealth.com/
Title: Онлайн консультації лікарів

Search URL Search Domain Scan URL

URL: https://teplo.app/
Title: Допомога психологів

Search URL Search Domain Scan URL

URL: https://goodmax.com.ua/uk/catalog/87-schetchiki-dlya-vody
Title: Лічильники води Goodmax

Search URL Search Domain Scan URL

URL: http://luxchrono.com.ua/
Title: Годинники і прикраси Люксхроно

Search URL Search Domain Scan URL

URL: https://artpotolok.kiev.ua/raschet-stoimosti/
Title: Стелі Art Decor

Search URL Search Domain Scan URL

URL: http://lascala.ua/index.php?utm_source=ukr_netdom&utm_medium=link&utm_campaign=ukr_netdom
Title: Постільна білизна 1+1=3

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=rozetka
Title: Магазин електронiки

Search URL Search Domain Scan URL

URL: http://work.ua/?utm_source=ukr.net&utm_medium=advert&utm_campaign=main_rabota
Title: WORK.ua – №1 в Україні

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpc&utm_campaign=link
Title: ROBOTA.ua - перевірені вакансії

Search URL Search Domain Scan URL

URL: https://optima.school/?utm_source=ukrnetLink&utm_medium=cpm&utm_campaign=workgr&utm_term=ukrnetLink
Title: Дистанційна освіта 1-11 клас

Search URL Search Domain Scan URL

URL: https://layboard.com/ua
Title: Робота за кордоном - Layboard

Search URL Search Domain Scan URL

URL: http://grc.ua/?utm_source=ukrnet&utm_medium=link&utm_campaign=main_page
Title: GRC.ua-робота професіоналам

Search URL Search Domain Scan URL

URL: https://optima.study/
Title: Курси для дітей і дорослих

Search URL Search Domain Scan URL

URL: https://cutt.ly/1B0Kz3E
Title: Курси програмування

Search URL Search Domain Scan URL

URL: https://buketland.ua/
Title: Квіти - BuketLand

Search URL Search Domain Scan URL

URL: http://flowers.ua/
Title: Flowers-доставка квiтів

Search URL Search Domain Scan URL

URL: https://orakul.com/num/
Title: Нумерологічний прогнози

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/vsi_avtobusni_tury
Title: Автобусні тури в Європу

Search URL Search Domain Scan URL

URL: http://hvosting.ua/
Title: Домени і Хостинг Hvosting.ua

Search URL Search Domain Scan URL

URL: http://nic.ua/
Title: NIC.ua - домени і хостинг

Search URL Search Domain Scan URL

URL: https://rx-name.ua/domains/tld/com.ua
Title: Домен com.ua 275 ₴ rx-name

Search URL Search Domain Scan URL

URL: http://internetua.com/
Title: СМИ - InternetUA

Search URL Search Domain Scan URL

URL: https://sport.ua/football?utm_source=ukrnet-mainpage&utm_medium=ukrnet-link
Title: Футбол на Спорт.ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/
Title: Великий теніс України

Search URL Search Domain Scan URL

URL: http://rada.gov.ua/
Title: Верховна Рада України

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/
Title: Президент України

Search URL Search Domain Scan URL

URL: https://court.gov.ua/
Title: Прес-центр судової влади

Search URL Search Domain Scan URL

URL: https://www.kmu.gov.ua/
Title: Кабінет Міністрів України

Search URL Search Domain Scan URL

URL: http://www.bank.gov.ua/
Title: Нацбанк

Search URL Search Domain Scan URL

URL: http://igov.org.ua/
Title: iGov - портал державних послуг

Search URL Search Domain Scan URL

URL: https://covid19.com.ua/
Title: Відомості про коронавірус

Search URL Search Domain Scan URL

URL: https://adp.digital/ap-landings/2/publisher.php?utm_source=own_promo&utm_medium=unit&utm_campaign=adpartner

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6513/3317076/b1e049fb-a204-4a33-a324-f6e9443a632a?data=eyJjcmVhdGVkX2F0IjoxNjk2MzMyMTI2LCJzaG93X2lkIjoiYjFlMDQ5ZmItYTIwNC00YTMzLWEzMjQtZjZlOTQ0M2E2MzJhIiwiYWRfdW5pdF9pZCI6NjUxMywicnVsZV9pZCI6MCwiYWRfaWQiOjMzMTcwNzYsImRhdGFfc291cmNlIjoiYXBwLWhiLXBsLTIxOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjA2ZDdhZTBiLTgwYjctNGRiMi05YWQ1LTNhMTg2NWQ0Njg4NCIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=1085764832b0dac2bf3e4d6e858d5034

Search URL Search Domain Scan URL

URL: https://mixadvert.com/

Search URL Search Domain Scan URL

URL: https://m.mixadvert.com/go/?h=ace8795a802e6ff8b8743f4aab396ed8&t=444320&b=1559

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/dusha-komandi?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D1%83%D1%88%D0%B0+%D0%BA%D0%BE%D0%BC%D0%B0%D0%BD%D0%B4%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/reprodukciya-maibutnogo?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A0%D0%B5%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%86%D0%B8%D1%8F+%D0%B1%D1%83%D0%B4%D1%83%D1%89%D0%B5%D0%B3%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/vovk-strahu-nema?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%BE%D0%BB%D0%BA.+%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%B0+%D0%BD%D0%B5%D1%82
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/real-t?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/p-slya-nazavjdi?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5.%D0%9D%D0%B0%D0%B2%D1%81%D0%B5%D0%B3%D0%B4%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/p-dl-tki-mutanti-cerepashki-n-ndzya-pogrom-mutant-v?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%B8+-+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D1%8B+%D0%A7%D0%B5%D1%80%D0%B5%D0%BF%D0%B0%D1%88%D0%BA%D0%B8-%D0%BD%D0%B8%D0%BD%D0%B4%D0%B7%D1%8F%3A+%D0%9F%D0%BE%D0%B3%D1%80%D0%BE%D0%BC+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D0%BE%D0%B2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/stihii?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%82%D0%B8%D1%85%D0%B8%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/barbi?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D0%B0%D1%80%D0%B1%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/ves-llya-t-lki-dlya-svo-h?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B2%D0%B0%D0%B4%D1%8C%D0%B1%D0%B0+%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE+%D0%B4%D0%BB%D1%8F+%D1%81%D0%B2%D0%BE%D0%B8%D1%85
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/20-dn-v-u-mar-upol?utm_source=ukr.net&utm_medium=informer&utm_campaign=20+%D0%B4%D0%BD%D0%B5%D0%B9+%D0%B2+%D0%9C%D0%B0%D1%80%D0%B8%D1%83%D0%BF%D0%BE%D0%BB%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/10-dn-v-bez-mami-v-kurshevel?utm_source=ukr.net&utm_medium=informer&utm_campaign=10+%D0%B4%D0%BD%D1%96%D0%B2+%D0%B1%D0%B5%D0%B7+%D0%BC%D0%B0%D0%BC%D0%B8+%D0%B2+%D0%9A%D1%83%D1%80%D1%88%D0%B5%D0%B2%D0%B5%D0%BB%D1%96
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/tvorec?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A2%D0%B2%D0%BE%D1%80%D0%B5%D1%86%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/prividi-u-venec?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D1%80%D0%B8%D0%B7%D1%80%D0%B0%D0%BA%D0%B8+%D0%B2+%D0%92%D0%B5%D0%BD%D0%B5%D1%86%D0%B8%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/sozdatel?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%BE%D0%B7%D0%B4%D0%B0%D1%82%D0%B5%D0%BB%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/2020-bezluadnaya-strana?utm_source=ukr.net&utm_medium=informer&utm_campaign=2020.+%D0%91%D0%B5%D0%B7%D0%BB%D1%8E%D0%B4%D0%BD%D0%B0%D1%8F+%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/gran-turizmo?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%93%D1%80%D0%B0%D0%BD+%D0%A2%D1%83%D1%80%D0%B8%D0%B7%D0%BC%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pila-x?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%B8%D0%BB%D0%B0+X
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/meg-2?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B5%D0%B3+2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/nestrimn-4?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9D%D0%B5%D1%83%D0%B4%D0%B5%D1%80%D0%B6%D0%B8%D0%BC%D1%8B%D0%B5+4
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/dovbush?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D0%BE%D0%B2%D0%B1%D1%83%D1%88
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/marmaduak?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D1%80%D0%BC%D0%B0%D0%B4%D1%8E%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/sinii-juk?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B8%D0%BD%D0%B8%D0%B9+%D0%B6%D1%83%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/borotba-za-spadok?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D0%BE%D1%80%D0%BE%D1%82%D1%8C%D0%B1%D0%B0+%D0%B7%D0%B0+%D1%81%D0%BF%D0%B0%D0%B4%D0%BE%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/nul-kalor-i?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9D%D0%BE%D0%BB%D1%8C+%D0%BA%D0%B0%D0%BB%D0%BE%D1%80%D1%96%D0%B9
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/oppengeimer?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D0%BF%D0%BF%D0%B5%D0%BD%D0%B3%D0%B5%D0%B9%D0%BC%D0%B5%D1%80
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/odnagdi-v-bryugge?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%97%D0%B0%D0%BB%D0%B5%D1%87%D1%8C+%D0%BD%D0%B0+%D0%B4%D0%BD%D0%BE+%D0%B2+%D0%91%D1%80%D1%8E%D0%B3%D0%B3%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/divna-parocska?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D0%B8%D0%B2%D0%BD%D0%B0+%D0%BF%D0%B0%D1%80%D0%BE%D1%87%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mavka-lesnaya-pesnya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D0%B2%D0%BA%D0%B0.+%D0%9B%D0%B5%D1%81%D0%BD%D0%B0%D1%8F+%D0%BF%D0%B5%D1%81%D0%BD%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/speished?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%BE%D1%81%D0%BC%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%B8%D0%B9
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/klk?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%BB%D1%8B%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/missiya-nevpolnima-smertelnaya-rasplata-cast-1?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%81%D1%81%D0%B8%D1%8F+%D0%BD%D0%B5%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BC%D0%B0%3A+%D0%A0%D0%B0%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%B0.+%D0%A7%D0%B0%D1%81%D1%82%D1%8C+1
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kohannya-bez-kontraktu?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D1%8C+%D0%B1%D0%B5%D0%B7+%D0%BA%D0%BE%D0%BD%D1%82%D1%80%D0%B0%D0%BA%D1%82%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/ya-n-na?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%AF%2C+%D0%9D%D0%B8%D0%BD%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/v-dlunnya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%AD%D1%85%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/evrodonbas?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%95%D0%B2%D1%80%D0%BE%D0%B4%D0%BE%D0%BD%D0%B1%D0%B0%D1%81
Title: купити квитки

Search URL Search Domain Scan URL

URL: http://avtosale.ua/?utm_source=ukr.net&utm_medium=Logo&utm_campaign=informers

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5201&utm_source=ukr.net&utm_medium=Renault_Koleos&utm_campaign=informers&CarCommercial=2
Title: 751 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=32630&utm_source=ukr.net&utm_medium=Renault_Sandero_stepway&utm_campaign=informers&CarCommercial=2
Title: 437 100 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=936&utm_source=ukr.net&utm_medium=Hyundai_Santa_fe&utm_campaign=informers&CarCommercial=2
Title: 1 265 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=32971&utm_source=ukr.net&utm_medium=Ford_Tourneo_custom&utm_campaign=informers&CarCommercial=2
Title: 2 068 853 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=954&utm_source=ukr.net&utm_medium=Hyundai_I10&utm_campaign=informers&CarCommercial=2
Title: 377 300 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=16977&utm_source=ukr.net&utm_medium=Renault_Duster&utm_campaign=informers&CarCommercial=2
Title: 658 700 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=2237&utm_source=ukr.net&utm_medium=Ford_Kuga&utm_campaign=informers&CarCommercial=2
Title: 1 169 845 грн

Search URL Search Domain Scan URL

URL: https://www.slovoidilo.ua/2023/10/03/novyna/nauka/oholosheno-laureativ-nobelivskoyi-premiyi-fizyky
Title: Оголошено лауреатів Нобелівської премії з фізики

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/news/rosiyskiy-flot-faktichno-zaznav-porazki-chornomu-1696324084.html
Title: Російський флот фактично зазнав поразки у Чорному морі, - Міноборони Британії

Search URL Search Domain Scan URL

URL: https://bukvy.org/ukrayina-domovylasya-pro-tranzyt-zerna-v-odyn-z-najbilshyh-portiv-na-baltijskomu-mori/
Title: Україна домовилася про транзит зерна в один з найбільших портів на Балтійському морі

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/news/mayzhe-300-okupantiv-ta-8-skladiv-boepripasiv-1696330730.html
Title: Майже 300 окупантів та 8 складів боєприпасів: втрати РФ на Таврійському напрямку за добу

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3447168/rashysty_vdaryly_po_dniprovskomu_rayionu_hersonu_poshkodjeno_budynky
Title: Рашисти вдарили по Дніпровському району Херсону, пошкоджено будинки

Search URL Search Domain Scan URL

URL: https://ukrayina.pl/ukrayina/7,183470,30257007,1052-1110-1085-1091-1089-1089-1080-1089-1090-1077-1084-1072.html
Title: Мінус система ППО і троє окупантів: потяг наїхав на російських військових на Донеччині

Search URL Search Domain Scan URL

URL: https://24tv.ua/ostriv-zmiyiniy-sogodni-rosiyani-skinuli-3-bombi-yaka-yihnya_n2404238
Title: Окупанти скинули 3 бомби у районі Зміїного, – Гуменюк пояснила, яка їхня мета

Search URL Search Domain Scan URL

URL: https://tsn.ua/ato/u-zsu-rozpovili-pro-pidstupnist-rosiyan-pid-chas-zapuskiv-bezpilotnikiv-2422438.html
Title: У ЗСУ розповіли про підступність росіян під час запусків безпілотників

Search URL Search Domain Scan URL

URL: https://espreso.tv/koordinue-a-ne-dae-nakazi-ochilnik-mvs-klimenko-zayaviv-pro-vidsutnist-vplivu-tatarova-na-vidomstvo
Title: "Координує, а не дає накази": очільник МВС Клименко заявив про відсутність впливу Татарова на відомство

Search URL Search Domain Scan URL

URL: https://bukvy.org/pentagon-gotovyj-peredaty-ukrayini-atacms-yak-tilky-bude-zgoda-bajdena/
Title: Пентагон готовий передати Україні ATACMS, як тільки буде згода Байдена

Search URL Search Domain Scan URL

URL: https://rubryka.com/2023/10/03/daniya-vydilyla-na-zakupivlyu-boyeprypasiv-ukrayini/
Title: Рішення для перемоги: $14 мільйонів Данія виділила на закупівлю боєприпасів для України

Search URL Search Domain Scan URL

URL: https://ua.news/ua/ukraine/ssha-prodolzhat-okazyvat-finansovuyu-pomoshh-ukraine-posol
Title: США продовжать надавати фінансову допомогу Україні – посол

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2023/10/3/7170659/
Title: Axios: Адміністрація Байдена переконує союзників, що підтримка України триватиме

Search URL Search Domain Scan URL

URL: https://borgexpert.com/news/minoborony-zbilshylo-perelik-vijskovykh-iaki-otrymaiut-doplaty-khto-uvijshov-do-spysku
Title: Міноборони збільшило перелік військових, які отримають доплати. Хто увійшов до списку

Search URL Search Domain Scan URL

URL: https://ua.news/ua/money/rynok-aviaperevozok-kanady-skyup-zapuskaet-charternye-rejsy-i-lizingovye-uslugi
Title: Ринок авіаперевезень Канади: SkyUp запускає чартерні рейси та лізингові послуги

Search URL Search Domain Scan URL

URL: https://novyny.live/ekonomika/istotnikh-zmin-kursu-dolara-ne-bude-natsbank-pokazav-dani-torgiv-na-mizhbanku-122902.html
Title: Істотних змін курсу долара не буде: Нацбанк показав дані торгів на міжбанку

Search URL Search Domain Scan URL

URL: https://agravery.com/uk/posts/show/urad-sistematizuvav-pidhid-do-rozrahunku-zbitkiv-za-nezakonnij-vilov-ribi
Title: Уряд систематизував підхід до розрахунку збитків за незаконний вилов риби

Search URL Search Domain Scan URL

URL: https://banki.ua/news/aktyvy-bankiv-bankrutiv-vystavleno-na-prodazh-shche-na-55-mlrd-grn
Title: Активи банків-банкрутів виставлено на продаж ще на 5,5 млрд грн

Search URL Search Domain Scan URL

URL: https://sprotyv.info/news/sso-znishhili-vorozhi-bmp-ta-polovij-sklad-rf-na-zaporizkomu-napryamku/
Title: ССО знищили ворожі БМП та польовий склад рф на Запорізькому напрямку

Search URL Search Domain Scan URL

URL: https://zaxid.net/u_kiyevi_viyskoviy_zastreliv_dvoh_svoyih_pobratimiv_n1571909
Title: У Києві військовий застрелив двох своїх побратимів

Search URL Search Domain Scan URL

URL: https://www.infopotik.com.ua/u-rivnomu-sudyly-vebkamshhytsyu-ta-yiyi-administratorku-yaki-pererobyly-kotedzh-pid-pornostudiyu/
Title: У Рівному судили вебкамщицю та її адміністраторку, які переробили котедж під порностудію

Search URL Search Domain Scan URL

URL: https://novyny.live/crime/zradniki-ta-kolaboranti-u-dbr-nazvali-kilkist-zlochiniv-proti-ukrayini-za-chas-viini-122905.html
Title: Зрадники та колаборанти: у ДБР назвали кількість злочинів проти України за час війни

Search URL Search Domain Scan URL

URL: https://rubryka.com/2023/10/03/rozminuvannya-hersonshhyny-za-11-misyatsiv-zachystyly-vid-vybuhovyh-predmetiv-lyshe-6-chastynu-oblasti/
Title: Розмінування Херсонщини: за 11 місяців зачистили від вибухових предметів лише 6 частину області

Search URL Search Domain Scan URL

URL: https://lenta.ua/u-mvs-natyaknuli-shcho-skasuvannya-komendantskoyi-godini-v-ukrayini-ne-bude-146111/
Title: У МВС натякнули, що скасування комендантської години в Україні не буде

Search URL Search Domain Scan URL

URL: https://trueua.info/news/v-ukraini-zapuskayut-dva-eksperimentalni-proekti-dlya-veteraniv-i-vijskovih--shmigal
Title: В Україні запускають два експериментальні проекти для ветеранів і військових, — Шмигаль

Search URL Search Domain Scan URL

URL: https://meta.ua/uk/news/society/89625-v-ukrayini-stae-proholodnishe/
Title: В Україні стає прохолодніше

Search URL Search Domain Scan URL

URL: https://www.slovoidilo.ua/2023/10/03/novyna/suspilstvo/hlava-mvs-rozpoviv-vyrishyly-pokarannyam-uxylyantiv-kordonom
Title: Глава МВС розповів, що вирішили з покаранням для ухилянтів за кордоном

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/world/596627-eksgolovu-ap-ukrajini-klyuyeva-gospitalizuvali-do-likarni-v-moskvi-roszmi
Title: Ексголову АП України Клюєва госпіталізували до лікарні в Москві, — росЗМІ

Search URL Search Domain Scan URL

URL: http://tykyiv.com/zdorovij/kiyivskii-marafon-nezlamnosti-2023-6146-uchasnikiv-geroyi-biguni-na-protezakh-ta-1-milion-grn-na-blagodiinist/
Title: Київський марафон Незламності 2023: 6146 учасників, герої-бігуни на протезах та 1 мільйон грн на благодійність

Search URL Search Domain Scan URL

URL: https://navkolo.news/na-kyyivshchyni-zatrymaly-cholovika-yakyy-v-harazhi-vyhotovlyav-alkoholnu-produktsiyu-foto
Title: На Київщині затримали чоловіка, який в гаражі виготовляв алкогольну продукцію (ФОТО)

Search URL Search Domain Scan URL

URL: https://apostrophe.ua/ua/news/305914
Title: Кияни будуть платити за проїзд по-новому: чи вплинуть зміни на вартість проїзду

Search URL Search Domain Scan URL

URL: https://mykyivregion.com.ua/news/na-kiyivshhini-viyavili-vodiiku-z-kuplenimi-dokumentami
Title: На Київщині виявили водійку з купленими документами

Search URL Search Domain Scan URL

URL: https://nashkiev.ua/news/na-kiivschini-stvoryat-dodatkovi-vognevi-grupi-ppo-dlya-zahistu-energetichnoi-infrastrukturi
Title: На Київщині створять додаткові вогневі групи ППО для захисту енергетичної інфраструктури

Search URL Search Domain Scan URL

URL: https://ilenta.com/uk/news/smartphone/smartphone_6391.html
Title: Sharp представила захищений смартфон Aquos sense8

Search URL Search Domain Scan URL

URL: https://internetua.com/reb-okupantiv-bezsilii-ukrayinsku-radiostanciua-viznano-rozrobkoua-2023-roku
Title: РЕБ окупантів безсилий: українську радіостанцію визнано розробкою 2023 року

Search URL Search Domain Scan URL

URL: https://prostomob.com/170067-novyj-flagman-vyrishyt-odnu-z-golovnyh-problem-smartfoniv-xiaomi
Title: Новий флагман вирішить одну з головних проблем смартфонів Xiaomi

Search URL Search Domain Scan URL

URL: https://toneto.net/news/tehnologii/Facebook-dast-zmogu-stvoryuvati-koristuvacham-odrazu-k--lka-stor--nok
Title: Facebook дасть змогу створювати користувачам одразу кілька сторінок

Search URL Search Domain Scan URL

URL: https://flot2017.com/kiberbezopasnost-ukrainy-ssha-i-daniya-obedinyat-usiliya/
Title: Кибербезопасность Украины: США и Дания объединят усилия

Search URL Search Domain Scan URL

URL: https://zn.ua/ukr/TECHNOLOGIES/morshchini-na-poverkhni-merkurija-vkazali-na-te-shcho-planeta-prodovzhuje-stiskatisja.html
Title: "Морщини" на поверхні Меркурія вказали на те, що планета продовжує стискатися

Search URL Search Domain Scan URL

URL: https://speka.media/teleskop-gabbla-pokazav-cervonu-tumannist-westerhout-5-foto-vz6z4p
Title: Телескоп Габбла показав червону туманність Westerhout 5 — фото

Search URL Search Domain Scan URL

URL: https://nauka.ua/news/milimetrovi-nematodi-proyavili-oznaki-strahu
Title: Міліметрові нематоди проявили ознаки страху

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/10/kosmichnij-teleskop-nasa-viyaviv-mozhlivi-oznaki-isnuvannya-zhittya-na-planeti-k2-18b
Title: Космічний телескоп NASA виявив можливі ознаки існування життя на планеті K2-18b

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/technologies/596633-vibuhi-nadnovih-zavdali-udaru-po-zemli-3-i-7-mln-rokiv-tomu-koli-chekati-nastupnoyi-katastrofi
Title: Вибухи наднових завдали удару по Землі 3 і 7 млн років тому: коли чекати наступної катастрофи

Search URL Search Domain Scan URL

URL: https://detector.media/infospace/article/217596/2023-10-03-finski-zhurnalisty-vyyavyly-postavky-do-rosii-dorogykh-pidsanktsiynykh-avtomobiliv/
Title: Фінські журналісти виявили поставки до Росії дорогих підсанкційних автомобілів

Search URL Search Domain Scan URL

URL: https://www.autocentre.ua/ua/news/pervye-rezultaty-zapreta-eksporta-avtomobilej-iz-yaponii-v-rossiyu-1464931.html
Title: Перші результати заборони експорту автомобілів з Японії до росії

Search URL Search Domain Scan URL

URL: https://autogid.pro/innovations/kytajtsi-stvoryuyut-supershvydki-akumulyatory/
Title: Китайці створюють супершвидкі акумулятори

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/auto/596617-eksperti-viznachili-najkrashi-zimovi-shini-dlya-avtomobiliv-2023-roku-video
Title: Експерти визначили найкращі зимові шини для автомобілів 2023 року (відео)

Search URL Search Domain Scan URL

URL: https://www.avtomir.ua/mews/ukraine/skilky-novyh-avtomobiliv-prydbaly-u-veresni/
Title: Скільки нових автомобілів придбали у вересні

Search URL Search Domain Scan URL

URL: http://sport.ua/uk/news/645163-valentin-rubchinskiy-golovne-biti-a-tam-shchos-zaletit
Title: Валентин РУБЧИНСЬКИЙ: «Головне бити, а там щось залетить»

Search URL Search Domain Scan URL

URL: https://ua.tribuna.com/uk/football/1000000099808-prezident-dyussh-krasnograd-mudrik-igrok-kotoryj-dolzhen/
Title: Президент ДЮСШ «Красноград»: «Мудрик - гравець, який повинен бути зіркою №1 в команді»

Search URL Search Domain Scan URL

URL: https://prsport.net/football/match-shahtera-v-lige-chempionov-budet-obsluzhivat-predstavitel-rfs.html
Title: Матч «Шахтера» в Лиге чемпионов будет обслуживать представитель РФС

Search URL Search Domain Scan URL

URL: https://sport24.ua/uk/football/news/60856-prezidenta-reala-zvinuvatili-u-pidkupi-suddiv-robiv-tse-ranishe-nizh-barselona
Title: Президента Реала звинуватили у підкупі суддів: "Робив це раніше, ніж Барселона"

Search URL Search Domain Scan URL

URL: https://xsport.ua/ua/boxing_s/news/brytanskyy-fakhivets-dav-poradu-dlya-dzhoshua-vin-zgadav-pro-usyka-ta-f-yuri_8849406/
Title: Британський фахівець дав пораду для Джошуа: він згадав про Усика та Ф'юрі

Search URL Search Domain Scan URL

URL: https://toneto.net/news/krasota-zdorove-sport/otkuda-beryotsya-tunnelniy-sindrom-i-kak-ego-lechit
Title: Лікарі пояснили звідки береться тунельний синдром і як його лікувати

Search URL Search Domain Scan URL

URL: https://medpravda.ua/ua/news/nikoli-ne-zmishuyte-sir-iz-tsimi-produktami/
Title: Ніколи не змішуйте сир із цими продуктами

Search URL Search Domain Scan URL

URL: https://ua-novosti.info/zdorovye/likar-nazvala-pershi-oznaki-insultu-i-rozpovila-xto-do-nogo-sxilnij.html
Title: Лікар назвала перші ознаки інсульту і розповіла, хто до нього схильний

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/156906-terapevt-rozpovila-iak-zberegty-zdorovia-pechinky.html
Title: Терапевт розповіла, як зберегти здоров’я печінки

Search URL Search Domain Scan URL

URL: https://novosti24.kyiv.ua/zdorov-ya/6-zvichok-yaki-mozhut-zrujnuvati-zdorov-ya-shhitovidnoyi-zalozi-2/
Title: 6 звичок, які можуть зруйнувати здоров’я щитовидної залози

Search URL Search Domain Scan URL

URL: https://womanlife.kyiv.ua/shou-biznes/hristina-solovij-vlashtuvala-polovij-kontsert-dlya-ukrayinskih-zahisnikiv-foto-2/
Title: Христина Соловій влаштувала польовий концерт для українських захисників (фото)

Search URL Search Domain Scan URL

URL: https://wona.com.ua/santa-dimopulos-zminyla-imya-ta-po-batkovi
Title: Санта Дімопулос змінила ім’я та по батькові

Search URL Search Domain Scan URL

URL: https://glamour.kyiv.ua/shoubiznes/maks-chmerkovskij-prigadav-yakim-bulo-jogo-rozkishne-vesillya-v-zamku-v-ssha-171-mi-mriyali-pro-tse-187/
Title: Макс Чмерковський пригадав, яким було його розкішне весілля в замку в США: «Ми мріяли про це»

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/10/anna-dobridnyeva-vipustila-saundtrek-do-novogo-ukra%d1%97nskogo-filmu
Title: Анна Добриднєва випустила саундтрек до нового українського фільму

Search URL Search Domain Scan URL

URL: https://rubryka.com/2023/10/03/arhiv-vijny-vykladaye-u-vidkrytyj-dostup-dokumentalnyj-film-svidky-na-pivnich-vid-kyyeva/
Title: Архів війни викладає у відкритий доступ документальний фільм “Свідки: На північ від Києва”

Search URL Search Domain Scan URL

URL: https://sprotyv.info/news/bezpilotnik-ssha-pochav-cherguvannya-nad-chornim-morem/
Title: Безпілотник США почав чергування над Чорним морем

Search URL Search Domain Scan URL

URL: https://minprom.ua/news/302273.html
Title: Три найбільші нафтогазові компанії з КНР внесено до списку міжнародних спонсорів війни

Search URL Search Domain Scan URL

URL: https://bukvy.org/virmeniya-ratyfikuvala-rymskyj-statut/
Title: Вірменія ратифікувала Римський статут

Search URL Search Domain Scan URL

URL: https://espreso.tv/chekhiya-ta-polshcha-posilili-kontrol-na-kordoni-zi-slovachchinoyu-cherez-velikiy-potik-migrantiv
Title: Чехія та Польща посилили контроль на кордоні зі Словаччиною через великий потік мігрантів

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2023/10/3/7170660/
Title: Словаччина: партія, що має "золоту акцію" у формуванні уряду, допускає коаліцію і без Фіцо

Search URL Search Domain Scan URL

URL: https://pravdatutnews.com/politics/2023/10/03/30498-zabuv-pasport-glava-mzs-shveciyi-ne-pryyihav-v-ukrayinu
Title: Забув паспорт: Глава МЗС Швеції не приїхав в Україну

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/156875-piana-svarka-pasazhyrka-kynula-velyku-pachku-groshei-u-cholovika-na-posadkovi-smuzi.html
Title: "П'яна сварка": пасажирка кинула велику пачку грошей у чоловіка на посадковій смузі

Search URL Search Domain Scan URL

URL: https://useti.org.ua/lifestyle/vedmid-pograbuvav-pekarnyu-ta-z-8217-yiv-60-keksiv/
Title: Ведмідь пограбував пекарню та з’їв 60 кексів

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/10/unikalni-kadri-vovk-lev-ta-vedmid-virishili-razom-pograti-video
Title: Унікальні кадри: вовк, лев та ведмідь вирішили разом пограти (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://news24.in.ua/lifestyle/nezgrabna-pauza-glyadachiv-rozveselilo-movchannya-veduchogo-novin-video.html
Title: Незграбна пауза: глядачів розвеселило мовчання ведучого новин (відео)

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/10/ridkisni-foto-andzhelini-dzholi-princa-vilyama-merilin-monro-ta-inshix-znamenitostej-u-rannomu-ditinstvi-foto
Title: Рідкісні фото Анджеліни Джолі, принца Вільяма, Мерилін Монро та інших знаменитостей у ранньому дитинстві (ФОТО)

Search URL Search Domain Scan URL

URL: http://tykyiv.com/news/u-kiyivskomu-zooparku-popovnennia-narodilisia-zubreniata/
Title: У Київському зоопарку поповнення: народилися зубренята

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/focus/koroleva-yordaniji-raniya-pokazalasya-u-cholovichomu-kostyumi-foto-2000335/
Title: Королева Ранія вигуляла чоловічий костюм на офіційний івент. ФОТО

Search URL Search Domain Scan URL

URL: https://nv.ua/ukr/lifestyle/rosiyskiy-r-fon-viyavivsya-kopiyeyu-smartfona-z-bangladesh-foto-50357899.html
Title: Російський «захищений» смартфон для чиновників виявився копією девайса з Бангладеш — фото

Search URL Search Domain Scan URL

URL: https://www.armyfm.com.ua/ua/kursanti-institutu-vms-zavershili-praktiku-u-nimechchini-foto/
Title: Курсанти Інституту ВМС завершили практику у Німеччині (ФОТО)

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/156891-mozhut-pryvezty-prosto-v-okopy-tysiachi-rosiskykh-okupantiv-vzhyvaut-narkotyky-v-tylu-i-na-fronti-.html
Title: Можуть привезти просто в окопи - тисячі російських окупантів вживають наркотики в тилу і на фронті

Search URL Search Domain Scan URL

URL: https://ukranews.com/ua/news/959093-z-yavylosya-video-pershogo-zapusku-modernizovanoyi-ukrayinskoyi-rakety-s-200
Title: З'явилося відео першого запуску модернізованої української ракети С-200

Search URL Search Domain Scan URL

URL: https://meta.ua/uk/news/society/89630-viiskovi-muzikanti-perespivali-legendarni-ukrayinski-pisni-usih-chasiv-video/
Title: Військові музиканти переспівали легендарні українські пісні усіх часів. Відео

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/10/pislya-semi-rokiv-rosiya-opublikuvala-kadri-momentu-padinnya-vinishhuvacha-su-33-u-seredzemne-more-video
Title: Після семи років росія опублікувала кадри моменту падіння винищувача Су-33 у Середземне море (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://sprotyv.info/video/naczgvardijczi-likviduvali-okupantiv-yaki-oblashtovuvali-oboronni-rubezhi-video/
Title: Нацгвардійці ліквідували окупантів, які облаштовували оборонні рубежі. ВІДЕО

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/156907-kimnatni-roslyny-iaki-naikrashche-ochystiat-povitria-v-prymishchenni.html
Title: Кімнатні рослини, які найкраще очистять повітря в приміщенні

Search URL Search Domain Scan URL

URL: https://kino.24tv.ua/10-populyarnih-serialiv-za-versiyeyu-imdb-naykrashhiy-spisok_n2404221
Title: Топ-10 найкращих серіалів за версією IMDb: добірка, яка вас зацікавить

Search URL Search Domain Scan URL

URL: https://news24.in.ua/lifestyle/yak-zrobiti-zachisku-obyemnoyu-xitroshhi-perukariv-2.html
Title: Як зробити зачіску об’ємною: хитрощі перукарів

Search URL Search Domain Scan URL

URL: https://telegraf.com.ua/ukr/lifestyle/2023-10-03/5811314-esli-doma-kak-v-tropikakh-kak-bystro-i-effektivno-snizit-vlazhnost-v-kvartire-ili-dome?traffic_source=ukr.net
Title: Якщо вдома, як в тропіках: як швидко та ефективно знизити вологість у квартирі чи будинку

Search URL Search Domain Scan URL

URL: https://tsn.ua/other/chim-pidzhiviti-polunicyu-voseni-poradi-dosvidchenih-sadivnikiv-2422354.html
Title: Чим підживити полуницю восени, чим категорично не можна підгодовувати рослину: поради садівників

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/10/shvidkij-ta-diyetichnij-pirig-z-lavasha-z-yablukami
Title: Швидкий та дієтичний пиріг з лаваша з яблуками

Search URL Search Domain Scan URL

URL: https://smachnonews.24tv.ua/retsepti-garbuza-shho-prigotuvati-nashvidkuruch_n2404032
Title: Що приготувати з гарбуза – три осінні рецепти від супу до десерту

Search URL Search Domain Scan URL

URL: https://pixelinform.com/food/yak-dosvidcheni-gospodyni-vykorystovuyut-pyvo-v-kulinariyi-ne-vsi-pro-cze-znayut/
Title: Як досвідчені господині використовують пиво в кулінарії: не всі про це знають

Search URL Search Domain Scan URL

URL: https://prostoway.com/58331-yak-prygotuvaty-pryanyj-sous-zi-slyv-do-myasnyh-strav
Title: Як приготувати пряний соус зі слив до м’ясних страв

Search URL Search Domain Scan URL

URL: https://hochu.ua/ukr/kuhnya/retseptyi/article-123301-vozmite-nemnogo-sushenyih-gribov-etot-fantasticheskiy-frantsuzskiy-sous-legko-vosproizvesti-doma-retsept/
Title: Візьміть трохи сушених грибів: цей французький грибний соус можна легко відтворити (РЕЦЕПТ)

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpd&utm_campaign=banner_shiny-diski_brendirovanie-toplivo&utm_content=120-77

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aries/today.html
Title: Овен

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/taurus/today.html
Title: Телець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/gemini/today.html
Title: Близнюки

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/cancer/today.html
Title: Рак

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/lion/today.html
Title: Лев

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/virgo/today.html
Title: Дiва

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/libra/today.html
Title: Терези

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/scorpio/today.html
Title: Скорпiон

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/sagittarius/today.html
Title: Стрiлець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/capricorn/today.html
Title: Козоріг

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aquarius/today.html
Title: Водолій

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/pisces/today.html
Title: Риби

Search URL Search Domain Scan URL

URL: http://orakul.com/sonnik/
Title: Сонник

Search URL Search Domain Scan URL

URL: http://orakul.com/imena/
Title: Тлумачення імен

Search URL Search Domain Scan URL

URL: http://orakul.com/taro/
Title: Таро

Search URL Search Domain Scan URL

URL: https://shinadiski.com.ua/
Title: Шини для авто та диски

Search URL Search Domain Scan URL

URL: https://www.zapchast.com.ua/
Title: Автозапчастини

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=link_shiny-diski_ssylka-na-glavnoy&utm_content=text
Title: Авторезина та диски

Search URL Search Domain Scan URL

URL: https://avtoapteka.net.ua/ua/akkumuljatory/avtomobilnye-akkumuliatory/electron/
Title: Акумулятори Electron

Search URL Search Domain Scan URL

URL: https://autoshini.com/?utm_source=ukr.net
Title: Шини та диски

Search URL Search Domain Scan URL

URL: http://transshina.com.ua/
Title: Автошини та диски

Search URL Search Domain Scan URL

URL: https://ukrguma.com.ua/poroshkove-farbuvannya/
Title: Фарбування дисків

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/
Title: Купити нове авто

Search URL Search Domain Scan URL

URL: http://kiaparts.com.ua/
Title: Запчаст. Kia, Hyundai

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_liberti-967/
Title: Інфініті ВІДІ Ліберті

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_insite-1120/
Title: CR-V Hybrid в наявності

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_avtostrada-961/#tab=new_auto_tab;event=GetData;MarkId=1594;ModelId=1620;CarAdvertType=0;SalonId=961;page=1;_page=avtosalon_item;ajax=1
Title: 5% вигоди Land Cruiser

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_armada-993/
Title: Ніссан ВІДІ Армада

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Toyota_center_odessa_vidi_palmira-1038/#Id=7316;event=news;_page=news_item;tab=news_tab;ajax=1
Title: Toyota з вигодою до -5%

Search URL Search Domain Scan URL

URL: https://www.optics-pro.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=optica
Title: Оптика для полювання

Search URL Search Domain Scan URL

URL: https://ukroptica.com.ua/
Title: Тепловізори і оптика

Search URL Search Domain Scan URL

URL: https://www.aks.ua/uk/
Title: Мобільні аксесуари

Search URL Search Domain Scan URL

URL: https://sotnyk.net/ua/teplovizory/
Title: Військові тепловізори

Search URL Search Domain Scan URL

URL: https://helplist.io/
Title: Об'єднання волонтерів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/687761881312683
Title: Свалявський рух опору

Search URL Search Domain Scan URL

URL: https://dovidka.info/
Title: Dovidka.info

Search URL Search Domain Scan URL

URL: https://prava-veteraniv.com/
Title: Права ветеранів

Search URL Search Domain Scan URL

URL: https://savelife.in.ua/donate/
Title: Підтримка армії

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/create?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_host&utm_id=ukrnet
Title: Житло біженцям

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/about/support-the-armed-forces
Title: Допомога ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/president.gov.ua
Title: Офіс Президента

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KabminUA
Title: Кабінет Міністрів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mvs.gov.ua
Title: Мін. внутрішніх справ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MNS.GOV.UA
Title: ДСНС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TerritorialDefenseForces
Title: ТерО ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUStratCom
Title: СтратКом ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dsszzi
Title: Держспецзвʼязок

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUkraine
Title: ЗС України

Search URL Search Domain Scan URL

URL: https://sprotyv.mod.gov.ua/
Title: Центр нац. спротиву

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeneralStaff.ua
Title: Ген штаб ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MinistryofDefence.UA
Title: Міністерство оборони

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UA.National.Police
Title: Національна поліція

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DPSUkraine
Title: ДПС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NGUmainpage
Title: Нацгвардія України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StratcomCentreUA
Title: Центр інф. безпеки

Search URL Search Domain Scan URL

URL: https://www.facebook.com/navy.mil.gov.ua
Title: ВМС ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CinCAFU
Title: Головнокомандувач

Search URL Search Domain Scan URL

URL: https://klubnatura.pl/pages/solidarni-z-ukraina
Title: Допомога в Польщі

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/03/11/247770/
Title: Пошук житла

Search URL Search Domain Scan URL

URL: https://www.immobilienscout24.de/lp/hilfe-fuer-die-ukraine.html
Title: Житло в Німеччині

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/
Title: Прихисток для біженців

Search URL Search Domain Scan URL

URL: https://chytomo.com/dlia-kulturnykh-diiachiv-i-osvitian-dopomoha-i-pratsevlashtuvannia-za-kordonom/
Title: Працевлаштування за кордоном

Search URL Search Domain Scan URL

URL: https://zib.com.ua/ua/151001-timchasoviy_zahist_na_kipri_mozhlivosti_dlya_ukrainciv.html
Title: Допомога на Кіпрі

Search URL Search Domain Scan URL

URL: https://www.bamf.de/DE/Themen/AsylFluechtlingsschutz/ResettlementRelocation/InformationenEinreiseUkraine/informationen-einreise-ukraine-node.html
Title: Допомога в Німеччині

Search URL Search Domain Scan URL

URL: https://www.ukrainetakeshelter.com/
Title: Розміщення біженців

Search URL Search Domain Scan URL

URL: https://www.facebook.com/752118234860641/posts/7149925781746489/?d=n
Title: Сайти допомоги

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_guest&utm_id=ukrnet
Title: Безкоштовне житло в Україні

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/culture/puteshestviya/kijiv-vilnyus-shcho-maye-znati-kozhen-ukrajinskiy-bizhenec.html
Title: Допомога у Вільнюсі

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/bizhenci-z-ukrajini-do-latviji-yak-i-de-peretnuti-kordon-otrimati-dopomogu-robotu-ta-de-zhiti-50228296.html
Title: Допомога у Латвії

Search URL Search Domain Scan URL

URL: https://t.me/miUkraune
Title: Міністерство інфраструктури України

Search URL Search Domain Scan URL

URL: https://t.me/uksatse_official
Title: Украерорух

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uspa.gov.ua
Title: Адміністрація морських портів України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DSBT.UA
Title: Державна служба України з безпеки на транспорті (ДСБТ)

Search URL Search Domain Scan URL

URL: https://t.me/UkrzalInfo
Title: Укрзалізниця

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airportboryspil/
Title: Міжнародний аеропорт “Бориспіль”

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lvivinternationalairport/
Title: Міжнародний аеропорт “Львів”

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2023_09_07_manual_3gr.pdf
Title: ФОП 3-ї групи ЄП-5%

Search URL Search Domain Scan URL

URL: https://trafmag.com/

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTg0fDEzODcyfDIxNy4xMTQuMjE4LjIxfDcyMDc2ODA1fDE2OTYzMzIxMjZ8YmY2Mzc3ZDlkZDZlNWUwNjA3ZjdkODBjNmRmNzM3NzZ8MzMz&vid=2182183406614

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTg0fDEzODcyfDIxNy4xMTQuMjE4LjIxfDcyODEyMjk5fDE2OTYzMzIxMjZ8MjZhNGE2YjI5NGM5OGEzN2UxMDBkYzE4NmFhY2I4MDF8MzMz&vid=2182183406614

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTg0fDEzODcyfDIxNy4xMTQuMjE4LjIxfDcyODEyMjk3fDE2OTYzMzIxMjZ8NjAyMDZhYzVkN2ZlMjAyZmNjMmQyMTVmNDhiMGIxYjd8MzMz&vid=2182183406614

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTg0fDEzODcyfDIxNy4xMTQuMjE4LjIxfDU4MTU5NjYyfDE2OTYzMzIxMjZ8MzNiNTZjMzQ2Mjk0OTMxMDZkZmRjZTM2MjIzYjkzN2Z8MzMz&vid=2182183406614&pstcnt=4_0
Title: от 253 грн

Search URL Search Domain Scan URL

URL: http://adline.kiev.ua/
Title: Реклама на порталі

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/password_recovery
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/reg
Title: Регистрация

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://mail.ukr.net/widget?lang=uk&theme=default HTTP 303
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Request Chain 81

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb8d9a1f-d7f6-49b2-9fbe-4edee6ec3486

Request Chain 83

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=02936f35ac82fa20

Request Chain 85

https://bid.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D HTTP 308
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-2nmGAdf09ZyYEE4HWQCwbISW0Ei7hTXwUkoKINOj&gpp={gpp}&gpp_sid={gpp_sid}

Request Chain 90

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=nELUVHxsdEZJRzh2eW55aWFzMzZsM3JZS2MyWWVHWkhFdHdBY3VoMEx4Wit4UzBEVk1YMTR1eEV2ZkpTWk92enNUUUUvMEZ5dUN2YzBQSHRseGdyYVJOTVA0Q2txK0dhUjl4TUFsTThyTkVpTUNXS0sreGZZQ3llMWFoMkQwdGNueldtZTJ6NFBCeTlIaDZSQ0JwV1hXN0NMK3BnRmp6TTJFckxDNUVwSC9FSGljMEV1OFVMaGx5TnZVM05ZbnZrOFFMdzBSRE9naFg5SGtHYy91QXZ2SXc2VUpzRm9UYy9VTG1jQnpic0l6bTQ4SXF4SjZJVm54VFR1dDNsUFBURHZMc0lmSFN5UW15RUs5SXVlRHZCWU5NYUZLdz09fA&cppv=2

Request Chain 103

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY64757QEQ_g4Y_g4yCFVnelAQir3D HTTP 301
https://tpc.googlesyndication.com/simgad/1772839622880022021

Request Chain 151

https://securepubads.g.doubleclick.net/pagead/adview?ai=CX29lX_kbZbi5EsK9-waEq6DABpeKlPpy5rHIpMMQyuLS4LIBEAEg55_DmQFglfqdgqwHoAGR66jYA8gBCakCniNm6Q-WsT7gAgCoAwHIA8sEqgSgAk_Q_uQx_ywi6jNqEib-bXkBbIeI3ukB2drhohEefD-tY32JhvURP0fhiQ_KYbisCgHaJfl0R7CS8kpqYJtGoBKPSt7xbzBXIrdSwE63cLvEBFuniInS6sPI6GqerI7r8yNf7BvKamE1Od3aNrrDa87b1TCg8rIg4BNhnnF5JV8Y4X93GV8WOCYeqMd3zugd-VnltiqVySsCbDaIAttI4rCvcyY1bWurVr_-tTSOhbhJ8HLZnVQ15yt6JR87tI6kAVMfAAW8Viw4U3njGsHYfuSIC0euqbl9ulN16X5dPYwl841KplBEoS5JH0nhFCsYNoBdkIX7k3OE314y5qdKXL7H_M4st_0sUVop8lzn3m6ACDkaNt3hXIvg6nGadac5tMAEgbfC2J8E4AQBiAWR8a2HRpIFBAgEGAGSBQQIBRgEoAYugAeQmMaAAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDI8BXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglGaHR0cHM6Ly93d3cuY29uZG9yLmNvbS9kZS9mbHVlZ2UvdHJpbmlkYWQtdG9iYWdvL3RvYmFnby8_Z2Nsc3JjPWF3LmRzJoAKA8gLAeINEwiVxvjO4dmBAxXC3t4KHYQVCGjYEw2IFAfQFQGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=Zy6jawT-0J4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSLQDICaaNkiGI6VM6kQUQKEnKNxb5Mt6J-_VCO-U3sSJAg18Ei6T1rMbPpoK50xgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214045650501003342519%22,%22debug_reporting%22:true,%22destination%22:%22https://condor.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990524817%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229550178370798979521%22}&andc=true

Request Chain 152

https://securepubads.g.doubleclick.net/pagead/adview?ai=CODC6X_kbZc28EsK9-waEq6DABs7Gs9Ztz7iGm_cQZBABIIjZs5gBYJX6nYKsB6AB4uvB2wPIAQmpAp4jZukPlrE-4AIAqAMByANIqgSdAk_Q-BsSgNHdhmfnsBoOnfdaWt0uOf-VoqY2hP_iBqUf3XjFeiwNsyHMkYZoRrRsOj_VS-DlQxIRmXPQX87bmq-KQ0ocElU5-474HS07CwgxoYdmV2VgcdhgFDNmFmwsbDsVH-eJQZFU1sbNHjHyfCbG3BfPuULhIoFsFM8e1uekPBi9mQfq6fNwNy3JP-2Xiw4Zudr9q0LkZjqsqAgrOf_CQGRNgyQeivwsCtDXhtH6MgVUguWdv__2OoE7wlXbDZuC8RvI6ZT1n8wB_28sq-wo1th0sbVyR5VYdEWzv1igXU0TKal7rEaEpD8qdLedKT4H79k40GEhbRgdMhqI8FgM7bT8VPWgUYmd2MACogvczHccN1UyJ6lOPJSoOsAEwOXssaME4AQBiAWUjPilQ5IFBAgEGAGSBQQIBRgEoAYugAeGlL4kqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3LML0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJLWh0dHBzOi8vd3d3LmxlZC1saWNodHJhdW0uZGUvaW5uZW5iZWxldWNodHVuZ4AKAcgLAeINEwiWxvjO4dmBAxXC3t4KHYQVCGjYEw3QFQGYFgGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=ogTDQKFQCJ0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSLQDICaaNkiGI6VM6kQUQKEnKNxb5Mt6J-_VCO-U3sSJAg18Ei6T1rMbPpoK50xgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215310239935608854927%22,%22debug_reporting%22:true,%22destination%22:%22https://led-lichtraum.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997225954%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217537141809906487057%22}&andc=true

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

180 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ukr.net/ 168 KB
43 KB 101ms
30ms Document
text/html 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4e3d546f00e410955c97940027e7bf5c195622724d0987cf61f7537844e763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-cache-status: DYNAMIC
cf-ray: 8104ce2ccdb818da-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 03 Oct 2023 11:22:06 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 top_links.css
upst.fwdcdn.com/css/1692357341/ 1 KB
626 B 110ms
38ms Stylesheet
text/css 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 3974727
etag: W/"64df52f2-48c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
cf-ray: 8104ce2d89d303e4-FRA
expires: Wed, 02 Oct 2024 11:22:06 GMT

GET
H2 200 /
upst.fwdcdn.com/css/ 4 KB
2 KB 129ms
57ms Stylesheet
text/css 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
cf-ray: 8104ce2d89d403e4-FRA
expires: Wed, 02 Oct 2024 11:22:06 GMT

GET
H2 200 main.css
upst.fwdcdn.com/css/6/portal/ 44 KB
8 KB 108ms
36ms Stylesheet
text/css 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://upst.fwdcdn.com/css/6/portal/main.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 12:31:02 GMT
server: cloudflare
age: 10104588
etag: "6481ca06-204a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8104ce2d89d603e4-FRA
content-length: 8266
expires: Wed, 02 Oct 2024 11:22:06 GMT

GET
H2 200 _desktop.js Show response
www.ukr.net/news/ 20 B
210 B 35ms
34ms Script
application/x-javascript 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.ukr.net/news/_desktop.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 10:55:51 GMT
server: cloudflare
age: 1575
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8104ce2d0df518da-FRA
x-xss-protection: 1; mode=block
expires: Tue, 03 Oct 2023 15:22:06 GMT

GET
H2 200 concat.js Show response
upst.fwdcdn.com/js/4/portal/ 167 KB
52 KB 104ms
34ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 May 2023 14:23:02 GMT
server: cloudflare
age: 10961866
etag: "6474b546-cc89"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8104ce2d89d703e4-FRA
content-length: 52361
expires: Wed, 02 Oct 2024 11:22:06 GMT

GET
H2 200 main.js Show response
upst.fwdcdn.com/js/10/portal/ 61 KB
17 KB 109ms
39ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://upst.fwdcdn.com/js/10/portal/main.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Jun 2023 10:06:02 GMT
server: cloudflare
age: 8298888
etag: "649d578a-42fb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8104ce2d89d803e4-FRA
content-length: 17147
expires: Wed, 02 Oct 2024 11:22:06 GMT

GET
H2 200 zakladki_v2.min.js Show response
zakladki.ukr.net/bookmarks/js/ 104 KB
19 KB 224ms
42ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 10:42:05 GMT
server: cloudflare
age: 534515
etag: W/"5f366a7d-19e00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 8104ce2f1e503a74-FRA
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 970x90.png
upst.fwdcdn.com/img/ 3 KB
3 KB 37ms
32ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/970x90.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 384211
etag: "6447ce22-cd3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce2dfa2e03e4-FRA
content-length: 3283
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 5 KB
5 KB 29ms
25ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 139341
etag: "51b860f4-140f"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce2dfa2f03e4-FRA
content-length: 5135
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
65 KB 214ms
32ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9277130375cd18f09745049754ace5d05dfea60ba78be3403aa0d2fbf9e6a32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66496
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 11:22:06 GMT

GET
H2 200 fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 4 KB
4 KB 30ms
26ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Oct 2014 14:11:04 GMT
server: cloudflare
age: 88951
etag: "542eae78-1134"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce2dfa3003e4-FRA
content-length: 4404
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 5 KB
5 KB 35ms
31ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Oct 2014 10:17:53 GMT
server: cloudflare
age: 111721
etag: "5437b251-134e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce2dfa3203e4-FRA
content-length: 4942
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 300x250.png
upst.fwdcdn.com/img/ 4 KB
4 KB 36ms
33ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x250.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 382009
etag: "6447ce22-e74"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce2dfa3403e4-FRA
content-length: 3700
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 300x145.png
upst.fwdcdn.com/img/ 3 KB
3 KB 35ms
32ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x145.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 521753
etag: "6447ce22-a9f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce2dfa3503e4-FRA
content-length: 2719
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 email-decode.min.js Show response
www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
848 B 24ms
24ms Script
application/javascript 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 11:52:30 GMT
server: cloudflare
etag: W/"6514177e-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8104ce2ddef718da-FRA
expires: Thu, 05 Oct 2023 11:22:06 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 254ms
79ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8104ce2f1a585d84-FRA

GET
H2 200 hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/471203/ 920 B
799 B 215ms
34ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://player.adtcdn.com/prebidlink/471203/hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 09:35:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 731
etag: W/"650c0e4a-398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FKANXYS68uHOVNz299vHxO2CtAfaesvLhEF8pSO9WrtE6fwYLMyC%2Bo1f3dpbDUxPmHqz4urpJXSagZqzczizB3ALztlXD2j8%2BN5GYJLypBMRGNpcUztur%2BZRdFeXp1Yi%2F7Qq854fm9Li8S12QLJLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 8104ce2f1b542bc6-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Oct 2023 11:24:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 270ms
96ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ab4d322a2fe1861dcb61cfcd9c35efe15fdbfbf4983960aa0bd7610268e844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29396
x-xss-protection: 0
server: cafe
etag: 617 / 19633 / m202309260101 / config-hash: 12427587730153560373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 11:22:06 GMT

GET
H2 200 wrapper_hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/471203/ 2 KB
1 KB 213ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://player.adtcdn.com/prebidlink/471203/wrapper_hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd878d7b9cbcc8e5c3f4d37212e2ab9bc4bcc20281586ed64ab8485247ae77be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 09:35:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 731
etag: W/"650c0e4a-865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWLayGMqo1%2Bc3qQJqVDxH7j7%2FAKF17QB%2FG347wTrCaCs5hljkqBeGf%2BoIXOE4x1T7AX0sMiFYAwi03dpECm%2BWG7XZRY6anqaEkH%2B4DW3iMFjp3Os8a0wnURmJu1%2BR3xf64NDIs3azEsX%2BSMTFshryw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 8104ce2f1b5b2bc6-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Oct 2023 11:24:55 GMT

GET
H2 200 test Show response
accounts.ukr.net/public/access/ 2 B
271 B 201ms
33ms XHR
text/plain 212.42.75.253
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://accounts.ukr.net/public/access/test?_=1696332126389
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
x-upstream: 4210.10.20.37:5080
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length: 2

GET
H2

200

https://mail.ukr.net/widget?lang=uk&theme=default
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

1 KB
1 KB

25ms
25ms

Document
text/html

212.42.75.253
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL

https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

frvdc-253.fwdcdn.com

Software

nginx /

Resource Hash

1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://.ukr.net http://.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://.ukr.net; report-uri /csp-blocked
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://www.ukr.net/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 11:22:06 GMT
expires: Tue, 03 Oct 2023 11:22:05 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-frame-options: ALLOW-FROM https://www.ukr.net/
x-upstream: 4110.10.20.48:5080
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date: Tue, 03 Oct 2023 11:22:06 GMT
expires: Tue, 03 Oct 2023 11:22:05 GMT
location: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server: nginx

GET
H2 200 5ysrIfrF92 Show response
go.rcvlink.com/ifr/ Frame 2DBC 15 KB
7 KB 135ms
25ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 03 Oct 2023 11:22:06 GMT
etag: W/"63c6f377-3b12"
expires: Wed, 04 Oct 2023 11:22:06 GMT
last-modified: Tue, 17 Jan 2023 19:13:59 GMT
server: nginx

GET
H2 200 v2 Show response
a4p.adpartner.pro/jsunit/jsonp/ 1022 B
840 B 321ms
168ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery300024383515680912438_1696332126374&_=1696332126375
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 6be34124364e45c63ee958d6e52170de3c60e2fead91d217d37d7b92246f832a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show_json/ukrnet/ 525 B
713 B 275ms
116ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Download Go to

Full URL

https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery300024383515680912438_1696332126376&_=1696332126377

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

c3281bab87c2a53dd24b64031e759b2d404ad5442eb5ab13a36cbb95ff951e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
strict-transport-security: max-age=15768000, max-age=15768000
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
content-type: text/html; charset=utf-8

GET
H2 200 grey-pix.gif
upst.fwdcdn.com/img/ 53 B
132 B 40ms
39ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/grey-pix.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 359681
etag: "51b860f4-35"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce2e2a6b03e4-FRA
content-length: 53
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 ukrnet2.js Show response
trafmag.com/ 4 KB
4 KB 132ms
31ms Script
application/json 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Download Go to

Full URL

https://trafmag.com/ukrnet2.js?callback=jQuery300024383515680912438_1696332126378&_=1696332126379

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

41a5acd50776736547d280053c1a4c3b9f52cd468e250337490c129265fe5b83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: application/json; charset=utf-8
date: Tue, 03 Oct 2023 11:22:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/c5/ 1 B
415 B 121ms
29ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://counter.ukr.net/c5/cnt.php?rand=0.8712217016865751&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:06 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 03 Oct 2023 11:22:05 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/portal/ 315 B
705 B 82ms
28ms Script
application/octet-stream 212.42.73.60
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.46256096243732325&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 946c4a8349e32781450a6c754d2ae39db54bb7ae58722dd73a97ddd6f6b32b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 03 Oct 2023 11:22:05 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/lid/329/ 1 B
415 B 81ms
27ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://counter.ukr.net/lid/329/cnt.php?rand=0.037934258966490164&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:06 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 03 Oct 2023 11:22:05 GMT

GET
H2 204 /
loadercdn.net/ 0
169 B 405ms
87ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Download Go to Show image

Full URL: https://loadercdn.net/?u=acdfcd6893af3656&d=www.ukr.net
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 03 Oct 2023 11:22:06 GMT
server: openresty

GET
H2 200 hbp_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 470 KB
149 KB 121ms
28ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/471203/hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d1c03ab7dff5ee0d57cca9e6a59ee8cee99682ff6c8a1df23ceb3de8034d2e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 11:22:06 GMT
date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2023 09:27:30 GMT
server: nginx
etag: W/"650c0c82-75795"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 hbw_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/uSRi0/ 166 KB
44 KB 147ms
62ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.adtelligent.com/prebidlink/uSRi0/hbw_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/471203/wrapper_hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94d5313d2f6f2a8648a4880f4dda229eeb5a334635e7eeb0cf20573825a12fb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 11:22:06 GMT
date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2023 09:35:06 GMT
server: nginx
etag: W/"650c0e4a-29744"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 start.json Show response
www.ukr.net/ajax/ 43 KB
15 KB 35ms
34ms XHR
application/json 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.ukr.net/ajax/start.json

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e16355f3ab24031b15847c78ea1efde078430a2b3c6469748fe014c0133a723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 8104ce2fa8d918da-FRA
x-xss-protection: 1; mode=block

GET
H2 200 1696332126726.html Show response
www.ukr.net/view/main/100138372,5202,559,742,141,1776,91,127,12,157,27,22,2,4,13,36,11,1,12,59,11,56,7,20,40,4,5,4,6,17,11,2,9,1,17,10,10,3,1,13,30,12,7,3,13,1,10,2,5,5,11,11,6,3,3,11,5,1,9,7,6,1,2... 0
89 B 34ms
33ms XHR
text/plain 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.ukr.net/view/main/100138372,5202,559,742,141,1776,91,127,12,157,27,22,2,4,13,36,11,1,12,59,11,56,7,20,40,4,5,4,6,17,11,2,9,1,17,10,10,3,1,13,30,12,7,3,13,1,10,2,5,5,11,11,6,3,3,11,5,1,9,7,6,1,2,6,4,4,3,3,4,4,3,2,7,5,10,1,3,2,7,7,3,2,2,1,9,11,12,12,3,1,15,22,15/1696332126726.html

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
etag: "51b860f4-0"
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/plain
accept-ranges: bytes
cf-ray: 8104ce30193518da-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 top_links.png
upst.fwdcdn.com/img/1692357341/ 3 KB
3 KB 41ms
40ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1692357341/top_links.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/1692357341/top_links.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 345777
etag: "64df52f2-b6b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce306ced03e4-FRA
content-length: 2923
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 395 B
349 B 32ms
31ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 112604
etag: W/"6076e064-18b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 8104ce306cee03e4-FRA
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 461 B
315 B 36ms
35ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 85591
etag: W/"6076e064-1cd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 8104ce306cf103e4-FRA
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 dot.svg
upst.fwdcdn.com/img/portal/main/ 650 B
475 B 34ms
33ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 359681
etag: "637656b5-18e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce306cf203e4-FRA
content-length: 398
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 arrow.svg
upst.fwdcdn.com/img/portal/main/ 233 B
264 B 29ms
29ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 359681
etag: "637656b5-bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce306cf303e4-FRA
content-length: 188
expires: Tue, 10 Oct 2023 11:22:06 GMT

GET
H2 200 pinformer4.php Show response
pinformer.sinoptik.ua/ Frame B7F1 6 KB
2 KB 117ms
35ms Document
text/html 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 1e279e2cb37c7872e2aab36687b0f8900b710f83082f8a7db12063c935dbb2be

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 11:22:07 GMT
expires: Tue, 03 Oct 2023 11:27:07 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
87 KB 35ms
32ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf0e45b54057eb289b80397725e413d39bc5180d8992b93e24e9a979772e1207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Oct 2023 11:22:06 GMT

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 2DBC 30 B
223 B 27ms
25ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 227d70f07a1184944e5fe0cbc2175e4808bc8dbcf27bb28721980e42d69a5f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 03 Oct 2023 11:22:06 GMT
cache-control: private, max-age=63115200
content-encoding: gzip
content-type: text/javascript;charset=utf-8
server: nginx
expires: Fri, 03 Oct 2025 02:22:06 +0300

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 410 KB
130 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8209
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132541
x-xss-protection: 0
server: cafe
etag: 15229329507080665565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 02 Oct 2024 09:05:17 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/portal/ 1 B
415 B 64ms
20ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.46256096243732325&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.46256096243732325&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 03 Oct 2023 11:22:06 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 143 B
410 B 304ms
31ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/uSRi0/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4ca8234b7830f6beef93e1ed0e6620c11956b3a9b6a1e049f3ccab32ab41a1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:07 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 143

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 305ms
33ms XHR
image/gif 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=742228&site_id=17438&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=a8cm4f.8u&features=81952&vpbv=N174&lifecycle_tte=908
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/uSRi0/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:07 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 / Show response
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 2DBC 0
487 B 31ms
31ms XHR
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=sJ3Z7NHdvmw&ver=230117-2113&w=200&h=0&vw=200&ms=136.1&me=0&ref=&
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 11:22:07 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/javascript;charset=utf-8
hn: b24
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Tue, 03 Oct 2023 14:22:07 +0300

POST
H2 200 csp-blocked
accounts.ukr.net/ Frame DB07 2 B
99 B 24ms
24ms Other
text/html 212.42.75.253
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://accounts.ukr.net/csp-blocked
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/csp-report

Response headers

x-upstream: 41, 41127.0.0.1:8082
date: Tue, 03 Oct 2023 11:22:07 GMT
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 bundle.css
accounts.ukr.net/widget/login/css/ Frame DB07 11 KB
3 KB 25ms
24ms Stylesheet
text/css 212.42.75.253
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
last-modified: Mon, 25 Sep 2023 13:44:10 GMT
server: nginx
etag: W/"65118eaa-2c24"
content-type: text/css
x-upstream: 4110.10.20.48:5080
cache-control: max-age=1209600
expires: Tue, 17 Oct 2023 11:22:07 GMT

GET
H2 200 bundle.js Show response
accounts.ukr.net/widget/login/js/ Frame DB07 161 KB
44 KB 29ms
29ms Script
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
last-modified: Mon, 25 Sep 2023 13:44:10 GMT
server: nginx
etag: W/"65118eaa-28496"
content-type: application/javascript
x-upstream: 4110.10.20.37:5080
cache-control: max-age=1209600
expires: Tue, 17 Oct 2023 11:22:07 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/742150/ 2 KB
1 KB 58ms
19ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/742150/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 85a8855e56603f1620763c5fbb8ac73d9ca2ee93b337fcb2174df161bcef706e

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

expires: Wed, 04 Oct 2023 11:22:07 GMT
date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 12:01:23 GMT
server: nginx
etag: W/"651ab113-8b3"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame B7F1 11 KB
3 KB 33ms
32ms Stylesheet
text/css 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:04:12 GMT
server: nginx
etag: W/"5f620d4c-2deb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Thu, 02 Nov 2023 11:22:07 GMT

GET
H2 200 swPortal4.js Show response
pinformer.sinoptik.ua/js/15/ Frame B7F1 115 KB
38 KB 37ms
36ms Script
application/x-javascript 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 14:54:44 GMT
server: nginx
etag: W/"5f622734-1cc1f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000, public
expires: Thu, 02 Nov 2023 11:22:07 GMT

GET
H2 200 t.gif
pinformer.sinoptik.ua/img/ Frame B7F1 43 B
232 B 32ms
31ms Image
image/gif 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/t.gif
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 43
expires: Thu, 02 Nov 2023 11:22:07 GMT

GET
H2 200 2_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame B7F1 2 KB
2 KB 35ms
34ms Image
image/jpeg 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/2_0.jpg
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 08fc807b6f0761f04903226d1362561623318797ff556534439d94a6810aa979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-6e1"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1761
expires: Thu, 02 Nov 2023 11:22:07 GMT

GET
H2 200 / Show response
www.ukr.net/sinoptik/102948339/ Frame B7F1 0
314 B 40ms
35ms Script
application/x-javascript 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.ukr.net/sinoptik/102948339/
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1696332126454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:07 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 3 Oct 2023 11:22:07 UTC
server: cloudflare
etag: "51b98b6a-0"
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges: bytes
cf-ray: 8104ce32cbea18da-FRA
content-length: 0
expires: Tue, 3 Oct 2023 11:22:07 UTC

POST
H2 200 z Show response
s.zfctrack.net/ Frame F0C3 102 B
450 B 191ms
52ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Download Go to

Full URL: https://s.zfctrack.net/z
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: eeab334e63531792b1c376366ba64ee8aac176d26b29918b63c9da2140c42a40

Request headers

Content-Type: text/plain;charset=UTF-8
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 88ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je39r0&_p=1879361788&_gaz=1&cid=2044042054.1696332127&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696332127&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 92ms
29ms Ping
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-75WQ2FHNW7&cid=2044042054.1696332127&gtm=45je39r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 106ms
44ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-75WQ2FHNW7&cid=2044042054.1696332127&gtm=45je39r0&aip=1&z=2128407790

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
go.rcvlink.com/err/ Frame 2DBC 43 B
146 B 39ms
32ms Image
image/gif 136.243.84.75
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=230117-2113&ms=250&text=!responseText&ref=
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx / PHP/7.4.33
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

hn: m1
date: Tue, 03 Oct 2023 11:22:07 GMT
cache-control: no-store
server: nginx
x-powered-by: PHP/7.4.33
content-type: image/gif

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 61 KB
23 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12e2c7dba4f94aee8d24dca931ae82a9e35309125d1c48bdc80187bb25d1eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1109
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23301
x-xss-protection: 0
server: cafe
etag: 14399278723672461634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 12:03:38 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 156ms
62ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Oct 2023 11:22:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 277 KB
69 KB 835ms
834ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4445681601648912&correlator=1617283645914102&eid=31077098%2C31078018%2C31077231%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C120x600%7C160x600%2C300x145%7C300x175&ifi=1&sfv=1-0-40&fsfs=0%2C1&fsbs=1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696332127240&lmt=1696324927&adxs=130%2C995&adys=89%2C446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&rumc=4445681601648912&rume=1&vis=1&psz=1600x4791%7C300x145&msz=160x-1%7C300x145&fws=512%2C512&ohw=0%2C0&ga_vid=2044042054.1696332127&ga_sid=1696332127&ga_hid=1879361788&ga_fc=true&dlt=1696332126230&idt=929&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=3371586687%2C216364347&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac163455be145b3ada40e1c6e28851c5c95e5ab4a9c60f1b4b97c3462061156f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71066
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8A00 6 KB
3 KB 117ms
28ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 11:22:07 GMT
expires: Wed, 02 Oct 2024 11:22:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icon-top.svg
upst.fwdcdn.com/img/portal/main/ 525 B
448 B 27ms
25ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 359682
etag: "637656b5-13e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce3398ae03e4-FRA
content-length: 318
expires: Tue, 10 Oct 2023 11:22:07 GMT

GET
H2 200 bg-main-static.png
upst.fwdcdn.com/img/ 10 KB
10 KB 30ms
30ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/bg-main-static.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 10:54:06 GMT
server: cloudflare
age: 89422
etag: "5ea80b4e-2962"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce3398b103e4-FRA
content-length: 10594
expires: Tue, 10 Oct 2023 11:22:07 GMT

GET
H2 200 favorites.svg
upst.fwdcdn.com/img/portal/main/ 673 B
473 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 359664
etag: "637656b5-16d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce3398b203e4-FRA
content-length: 365
expires: Tue, 10 Oct 2023 11:22:07 GMT

GET
H2 200 regions-star.svg
upst.fwdcdn.com/img/portal/main/ 830 B
570 B 43ms
42ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 359359
etag: "637656b5-1d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce33a8c403e4-FRA
content-length: 470
expires: Tue, 10 Oct 2023 11:22:07 GMT

GET
H2 200 currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 3 KB
3 KB 27ms
26ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 88567
etag: "637656b5-be5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce33b8d603e4-FRA
content-length: 3045
expires: Tue, 10 Oct 2023 11:22:07 GMT

GET
H2 200 arrow.svg
www.ukr.net/img/portal/main/ 233 B
410 B 34ms
33ms Image
image/svg+xml 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://www.ukr.net/img/portal/main/arrow.svg

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 537813
content-length: 188
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
etag: "637656b5-bc"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce33bccf18da-FRA
expires: Tue, 10 Oct 2023 11:22:07 GMT

GET
H2 200 orakul-sprite.gif
upst.fwdcdn.com/img/ 7 KB
7 KB 37ms
36ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 359528
etag: "51b860f4-1ad2"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8104ce33b8d803e4-FRA
content-length: 6866
expires: Tue, 10 Oct 2023 11:22:07 GMT

GET
H2 200 runtime.js Show response
upst.fwdcdn.com/js/ Frame B7F1 408 KB
122 KB 27ms
26ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://upst.fwdcdn.com/js/runtime.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2017 14:33:26 GMT
server: cloudflare
age: 30601937
etag: "59380eb6-1e6e9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8104ce33d8f603e4-FRA
content-length: 124649
expires: Wed, 02 Oct 2024 11:22:07 GMT

GET
H2 200 ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame B7F1 149 B
339 B 33ms
32ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-95"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 149
expires: Thu, 02 Nov 2023 11:22:07 GMT

GET
H2 200 term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame B7F1 389 B
579 B 34ms
34ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-185"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 389
expires: Thu, 02 Nov 2023 11:22:07 GMT

GET
H2 200 s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame B7F1 185 B
375 B 35ms
35ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-b9"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 185
expires: Thu, 02 Nov 2023 11:22:07 GMT

GET
H/1.1 200
OK vr Show response
ghb.adtelligent.com/ 48 B
314 B 34ms
33ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.adtelligent.com/vr?bids=18960
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/uSRi0/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:07 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 48

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
19 KB 984ms
983ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4445681601648912&correlator=3993744838475855&eid=31077098%2C31078018%2C31077231%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600%2C300x145%7C300x250%7C300x400%2C300x600%7C300x250%7C300x400&ifi=3&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696332127391&lmt=1696324927&adxs=995%2C995%2C995&adys=196%2C1153%2C1959&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&rumc=4445681601648912&rume=1&vis=1&psz=300x250%7C300x250%7C300x0&msz=300x107%7C300x145%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&ga_vid=2044042054.1696332127&ga_sid=1696332127&ga_hid=1879361788&ga_fc=true&dlt=1696332126230&idt=929&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=2774844501%2C3317177319%2C3449700283&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1f5599e5e988ee7e343cd3df74fbc04c597b1ed9406f2c62cb1135608ded71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19667
x-xss-protection: 0
google-lineitem-id: -1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame DB07 58 KB
17 KB 27ms
25ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?64280814ffe96cfa63b8
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
last-modified: Mon, 25 Sep 2023 13:44:10 GMT
server: nginx
etag: W/"65118eaa-e602"
content-type: application/javascript
x-upstream: 4110.10.20.37:5080
cache-control: max-age=1209600
expires: Tue, 17 Oct 2023 11:22:07 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 2 KB
771 B 35ms
35ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=463288&aid2=812819
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/uSRi0/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 3e623a810943d15ffa12d45d9732f837aa9eba1a20cf6eed0551032f84e90561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:07 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 465

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A3DA 15 KB
6 KB 109ms
35ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 11:22:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 352188
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb8d9a1f-d7f6-49b2-9fbe-4edee6ec3486

43 B
473 B

351ms
113ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb8d9a1f-d7f6-49b2-9fbe-4edee6ec3486
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:07 GMT
Server: Adtelligent
Etag: 02936f35ac82fa20
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb8d9a1f-d7f6-49b2-9fbe-4edee6ec3486
date: Tue, 03 Oct 2023 11:22:07 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 137ms
41ms Image
text/plain 216.52.2.91
AS-INAPCDN-OCY

General

Check archive.org

Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Oct 2023 11:22:07 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=02936f35ac82fa20

35 B
349 B

272ms
37ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=02936f35ac82fa20
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 03 Oct 2023 11:22:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=02936f35ac82fa20
Date: Tue, 03 Oct 2023 11:22:07 GMT
Server: Adtelligent
Etag: 02936f35ac82fa20
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 368ms
112ms Image
text/html 54.204.169.109
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.169.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-169-109.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://bid.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-2nmGAdf09ZyYEE4HWQCwbISW0Ei7hTXwUkoKINOj&gpp={gpp}&gpp_sid={gpp_sid}

43 B
484 B

360ms
120ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-2nmGAdf09ZyYEE4HWQCwbISW0Ei7hTXwUkoKINOj&gpp={gpp}&gpp_sid={gpp_sid}
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 11:22:07 GMT
Server: Adtelligent
Etag: 02936f35ac82fa20
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-2nmGAdf09ZyYEE4HWQCwbISW0Ei7hTXwUkoKINOj&gpp={gpp}&gpp_sid={gpp_sid}
access-control-allow-origin
date: Tue, 03 Oct 2023 11:22:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 183
content-type: text/html; charset=utf-8

GET
H2 200 html5objects.js Show response
upst.fwdcdn.com/js/ Frame B7F1 555 KB
136 KB 35ms
34ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://upst.fwdcdn.com/js/html5objects.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:48 GMT
server: cloudflare
age: 17315250
etag: "637656b4-21ee1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8104ce350a1e03e4-FRA
content-length: 138977
expires: Wed, 02 Oct 2024 11:22:07 GMT

POST
H2 599 acquire Show response
accounts.ukr.net/api/v1/token/verification/ Frame DB07 27 B
121 B 33ms
33ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Download Go to

Full URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

x-upstream: 4110.10.20.48:5080
date: Tue, 03 Oct 2023 11:22:07 GMT
server: nginx
content-length: 27
content-type: application/json

GET
DATA 200
OK truncated
/ Frame B7F1 2 KB
0 Image
image/jpeg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame B7F1 4 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd8a30f60bbe41b0bef677711421e212f254da66b1888a58bd99df2e696b448

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame A3DA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=nELUVHxsdEZJRzh2eW55aWFzMzZsM3JZS2MyWWVHWkhFdHdBY3VoMEx4Wit4UzBEVk1YMTR1eEV2ZkpTWk92enNUUUUvMEZ5dUN2YzBQSHRseGdyYVJOTVA0Q2txK0dhUjl4TUFsTThyTkVpTUNXS0sreGZZQ3llMWFoMk...

447 B
659 B

145ms
34ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nELUVHxsdEZJRzh2eW55aWFzMzZsM3JZS2MyWWVHWkhFdHdBY3VoMEx4Wit4UzBEVk1YMTR1eEV2ZkpTWk92enNUUUUvMEZ5dUN2YzBQSHRseGdyYVJOTVA0Q2txK0dhUjl4TUFsTThyTkVpTUNXS0sreGZZQ3llMWFoMkQwdGNueldtZTJ6NFBCeTlIaDZSQ0JwV1hXN0NMK3BnRmp6TTJFckxDNUVwSC9FSGljMEV1OFVMaGx5TnZVM05ZbnZrOFFMdzBSRE9naFg5SGtHYy91QXZ2SXc2VUpzRm9UYy9VTG1jQnpic0l6bTQ4SXF4SjZJVm54VFR1dDNsUFBURHZMc0lmSFN5UW15RUs5SXVlRHZCWU5NYUZLdz09fA&cppv=2

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b388ec3da97be723d989249e1217ebb854890851e555e757f75ce3218e28f3e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1189163
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=nELUVHxsdEZJRzh2eW55aWFzMzZsM3JZS2MyWWVHWkhFdHdBY3VoMEx4Wit4UzBEVk1YMTR1eEV2ZkpTWk92enNUUUUvMEZ5dUN2YzBQSHRseGdyYVJOTVA0Q2txK0dhUjl4TUFsTThyTkVpTUNXS0sreGZZQ3llMWFoMkQwdGNueldtZTJ6NFBCeTlIaDZSQ0JwV1hXN0NMK3BnRmp6TTJFckxDNUVwSC9FSGljMEV1OFVMaGx5TnZVM05ZbnZrOFFMdzBSRE9naFg5SGtHYy91QXZ2SXc2VUpzRm9UYy9VTG1jQnpic0l6bTQ4SXF4SjZJVm54VFR1dDNsUFBURHZMc0lmSFN5UW15RUs5SXVlRHZCWU5NYUZLdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 322594
content-length: 0
expires: 0

GET
H2 200 container.html Show response
9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2975 6 KB
3 KB 21ms
19ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 11:22:07 GMT
expires: Wed, 02 Oct 2024 11:22:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C04C 6 KB
3 KB 34ms
19ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 11:22:07 GMT
expires: Wed, 02 Oct 2024 11:22:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2975 4 KB
1 KB 92ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 11:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 11:16:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 11:22:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 2975 2 KB
973 B 95ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:36:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 2975 23 KB
9 KB 94ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:32:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 2975 3 KB
1 KB 123ms
57ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:31:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 2975 20 KB
8 KB 88ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:31:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2975 187 KB
59 KB 172ms
103ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 11:22:08 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 2975 36 KB
15 KB 109ms
45ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
H2 200 15512591896598457045
tpc.googlesyndication.com/gpa_images/simgad/ Frame 2975 10 KB
10 KB 105ms
44ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/15512591896598457045?w=200&h=200

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d24475162646c582244b213cb173b4dd8d2c78ad882d9d5c874305d5e267b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 07:17:35 GMT
x-content-type-options: nosniff
age: 360273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10348
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:59:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Sep 2024 07:17:35 GMT

GET
H2 200 18062822621702019365
tpc.googlesyndication.com/gpa_images/simgad/ Frame 2975 7 KB
7 KB 110ms
49ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/18062822621702019365?w=200&h=200

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

355466a88281872ea9a9c5aea34d7e95c306397521965e5ffcb3712878d74768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 23:18:16 GMT
x-content-type-options: nosniff
age: 561832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7217
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:17:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Sep 2024 23:18:16 GMT

GET
H2 200 7976521276314390389
tpc.googlesyndication.com/gpa_images/simgad/ Frame 2975 8 KB
8 KB 95ms
50ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/7976521276314390389?w=200&h=200

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6e1464285f27bddce8d9a47bc59600087c579bf004b95b0dde5007e82ee0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 08:16:42 GMT
x-content-type-options: nosniff
age: 356726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7864
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:17:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Sep 2024 08:16:42 GMT

GET
H2

200

1772839622880022021
tpc.googlesyndication.com/simgad/ Frame 2975
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY64757QEQ_g4Y_g4yCFVnelAQir3D
https://tpc.googlesyndication.com/simgad/1772839622880022021

63 KB
63 KB

23ms
22ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1772839622880022021

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e90b2b87607fd178648468c5425c0d6fc14f93e5602e1ffb9c7296dc536b1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:03:14 GMT
x-content-type-options: nosniff
age: 26334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64430
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 06:37:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 04:03:14 GMT

Redirect headers

date: Tue, 03 Oct 2023 06:29:22 GMT
x-content-type-options: nosniff
server: cafe
age: 17566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1772839622880022021
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Nov 2023 06:29:22 GMT

GET
H2 200 7a9087b9716ee70ebefd221ff96707f0.js Show response
www.gstatic.com/mysidia/ Frame 57E5 9 KB
4 KB 57ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
H2 200 cd233a70afb96cd167e1530303b3d74f.js Show response
www.gstatic.com/mysidia/ Frame 57E5 36 KB
14 KB 84ms
47ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14669
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 17:32:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 57E5 2 KB
926 B 89ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:36:04 GMT

GET
H2 200 34318042a12ad477a3bd4ee908fbc597.js Show response
www.gstatic.com/mysidia/ Frame 57E5 22 KB
9 KB 79ms
46ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/34318042a12ad477a3bd4ee908fbc597.js?tag=exit_2019

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b4d4bd8f20f46399529db4cfcc76d88faa578686da80b80c0daf2c99573f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9361
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:39:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 57E5 23 KB
9 KB 87ms
56ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:32:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 57E5 3 KB
1 KB 86ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:31:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 57E5 20 KB
8 KB 54ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:31:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57E5 187 KB
59 KB 178ms
144ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 11:22:08 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 57E5 36 KB
15 KB 50ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
DATA 200
OK truncated
/ Frame 2975 213 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a08dbb94238b5db0ac2d68789cf57064c31e8be79aa2a1a295a1fae86416f4b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
222 B 35ms
33ms XHR
text/plain 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/uSRi0/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Tue, 03 Oct 2023 11:22:08 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 container.html Show response
9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E88 6 KB
3 KB 38ms
23ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 11:22:07 GMT
expires: Wed, 02 Oct 2024 11:22:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F151 6 KB
3 KB 26ms
23ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 11:22:07 GMT
expires: Wed, 02 Oct 2024 11:22:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/ Frame 6414 11 KB
3 KB 26ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

179c282f75d9843cb791043ca27d2ea22aee6e74fae1a780b53470b928c6a083

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 325836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3217
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 16:51:32 GMT
expires: Sat, 28 Sep 2024 16:51:32 GMT
last-modified: Mon, 15 Aug 2022 15:23:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 57E5 211 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c51c155f198ce9ebac7faef4b3d360f11dc89b535512760390a02285ee87d6d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6414 6 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 10:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 04 Oct 2023 10:14:58 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6414 34 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 03 Oct 2023 13:31:21 GMT

GET
H3 200 9c18ffc4b1a92863648a6c38d0a4ff60.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/ Frame 6414 71 KB
19 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/9c18ffc4b1a92863648a6c38d0a4ff60.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693bf7fa49fd119335445732f50bb00275a61920eedbee0eb9bf65fc8cbada0b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 13:37:20 GMT
age: 78288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:23:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 13:37:20 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame 6E88 223 KB
62 KB 96ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:22 GMT
age: 8206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 6E88 15 KB
5 KB 169ms
92ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:21 GMT
age: 8207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:21 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 6E88 94 KB
28 KB 164ms
88ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:43:22 GMT
age: 5926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:43:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 6E88 5 KB
2 KB 156ms
81ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:21 GMT
age: 8207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:21 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 6E88 40 KB
13 KB 182ms
107ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:43:22 GMT
age: 5926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:43:22 GMT

GET
H3 200 16796236122977498562
tpc.googlesyndication.com/simgad/ Frame 6E88 28 KB
28 KB 22ms
21ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16796236122977498562?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk3N941iy2XjVLeIIzRp06jRsSvKg

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

614b2e2e5c67b0cf593cff7cc15b02ea51b5309cee2f0cf1c339ef35325a21d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 07:34:54 GMT
x-content-type-options: nosniff
age: 272834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28949
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 12:06:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Sep 2024 07:34:54 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E88 3 KB
3 KB 29ms
29ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 50806
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Tue, 03 Oct 2023 21:15:22 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E88 344 B
368 B 29ms
28ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 81176
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Oct 2023 12:49:12 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame F151 223 KB
61 KB 98ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:22 GMT
age: 8206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F151 15 KB
5 KB 139ms
94ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:21 GMT
age: 8207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:21 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F151 94 KB
28 KB 138ms
95ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:43:22 GMT
age: 5926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:43:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F151 5 KB
2 KB 136ms
93ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:21 GMT
age: 8207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:21 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F151 40 KB
13 KB 125ms
83ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:43:22 GMT
age: 5926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:43:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F151 14 KB
1 KB 31ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 11:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 10:12:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 11:22:08 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F151 3 KB
3 KB 20ms
20ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 50806
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Tue, 03 Oct 2023 21:15:22 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F151 344 B
368 B 21ms
21ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 81176
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Oct 2023 12:49:12 GMT

GET
DATA 200
OK truncated
/ Frame 6E88 216 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4319eae1897ed505a836a29f8b8aeec7f6249300d7504d1df9075ba68dbbdb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2975 21 KB
21 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 05:15:19 GMT
x-content-type-options: nosniff
age: 281209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 05:15:19 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2975 20 KB
20 KB 109ms
58ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 07:15:13 GMT
x-content-type-options: nosniff
age: 274015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 07:15:13 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12767421339921663108/ Frame F151 52 KB
52 KB 25ms
20ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12767421339921663108/14763004658117789537?w=400&h=209

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47790061b20a5ab95020f92aeaa0f2cc3752744ca3b5352e76427921607e083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 02:46:08 GMT
x-content-type-options: nosniff
age: 290160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53629
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 16:38:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Sep 2024 02:46:08 GMT

GET
DATA 200
OK truncated
/ Frame F151 206 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F151 209 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F151 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c80a44aee3847df1690cf572535ca735b36e3c0dd579f745ace1f58604de263e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F151 33 KB
33 KB 71ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 7970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 09:09:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6414 2 KB
571 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/9c18ffc4b1a92863648a6c38d0a4ff60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 11:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 11:17:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 11:22:08 GMT

GET
H3 200 e810c8ee553fb8bc924221fcdc16c114.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/media/ Frame 6414 2 KB
2 KB 26ms
21ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/media/e810c8ee553fb8bc924221fcdc16c114.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41b7fb6d384115885c126cd6ca2710c40e230aaf6259d5fa7687534fbfa9e0ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 27 Sep 2023 02:36:35 GMT
x-content-type-options: nosniff
age: 549933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2043
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:23:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 02:36:35 GMT

GET
H3 200 21e03a04093d9e03e3ae9ee594e53bfe.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/media/ Frame 6414 3 KB
3 KB 26ms
22ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/media/21e03a04093d9e03e3ae9ee594e53bfe.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7641335b7b4f0ff306a794e1a53b40ef1c1b7046c012745e600737b9cbb040d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3229404915348889818/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 03 Oct 2023 09:07:40 GMT
x-content-type-options: nosniff
age: 8068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2763
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:23:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 09:07:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6414 15 KB
16 KB 50ms
46ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:26:25 GMT
x-content-type-options: nosniff
age: 35743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 01:26:25 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 100ms
56ms Preflight
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CX29lX_kbZbi5EsK9-waEq6DABpeKlPpy5rHIpMMQyuLS4LIBEAEg55_DmQFglfqdgqwHoAGR66jYA8gBCakCniNm6Q-WsT7gAgCoAwHIA8sEqgSgAk_Q_uQx_ywi6jNqEib-bXkBbIeI3ukB2drhohEefD-tY32JhvURP0fhiQ_KYbisCgHaJfl0R7CS8kpqYJtGoBKPSt7xbzBXIrdSwE63cLvEBFuniInS6sPI6GqerI7r8yNf7BvKamE1Od3aNrrDa87b1TCg8rIg4BNhnnF5JV8Y4X93GV8WOCYeqMd3zugd-VnltiqVySsCbDaIAttI4rCvcyY1bWurVr_-tTSOhbhJ8HLZnVQ15yt6JR87tI6kAVMfAAW8Viw4U3njGsHYfuSIC0euqbl9ulN16X5dPYwl841KplBEoS5JH0nhFCsYNoBdkIX7k3OE314y5qdKXL7H_M4st_0sUVop8lzn3m6ACDkaNt3hXIvg6nGadac5tMAEgbfC2J8E4AQBiAWR8a2HRpIFBAgEGAGSBQQIBRgEoAYugAeQmMaAAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDI8BXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglGaHR0cHM6Ly93d3cuY29uZG9yLmNvbS9kZS9mbHVlZ2UvdHJpbmlkYWQtdG9iYWdvL3RvYmFnby8_Z2Nsc3JjPWF3LmRzJoAKA8gLAeINEwiVxvjO4dmBAxXC3t4KHYQVCGjYEw2IFAfQFQGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=Zy6jawT-0J4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSLQDICaaNkiGI6VM6kQUQKEnKNxb5Mt6J-_VCO-U3sSJAg18Ei6T1rMbPpoK50xgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 11:22:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2975
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CX29lX_kbZbi5EsK9-waEq6DABpeKlPpy5rHIpMMQyuLS4LIBEAEg55_DmQFglfqdgqwHoAGR66jYA8gBCakCniNm6Q-WsT7gAgCoAwHIA8sEqgSgAk_Q_uQx_ywi6jNqEib-bXkBbIeI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214045650501003342519%22,%22debug_reporting%22:true,%22destination%22:%22https://condor.com%22,%22event_report_window%22:%2...

0
0

403ms
56ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214045650501003342519%22,%22debug_reporting%22:true,%22destination%22:%22https://condor.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990524817%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229550178370798979521%22}&andc=true

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14045650501003342519","debug_reporting":true,"destination":"https://condor.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990524817"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"9550178370798979521"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 11:22:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 11:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14045650501003342519","debug_reporting":true,"destination":"https://condor.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990524817"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"9550178370798979521"}&andc=true
access-control-allow-origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 57E5
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CODC6X_kbZc28EsK9-waEq6DABs7Gs9Ztz7iGm_cQZBABIIjZs5gBYJX6nYKsB6AB4uvB2wPIAQmpAp4jZukPlrE-4AIAqAMByANIqgSdAk_Q-BsSgNHdhmfnsBoOnfdaWt0uOf-VoqY2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215310239935608854927%22,%22debug_reporting%22:true,%22destination%22:%22https://led-lichtraum.de%22,%22event_report_window...

0
0

403ms
55ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215310239935608854927%22,%22debug_reporting%22:true,%22destination%22:%22https://led-lichtraum.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997225954%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217537141809906487057%22}&andc=true

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15310239935608854927","debug_reporting":true,"destination":"https://led-lichtraum.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997225954"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"17537141809906487057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 11:22:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 11:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15310239935608854927","debug_reporting":true,"destination":"https://led-lichtraum.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997225954"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"17537141809906487057"}&andc=true
access-control-allow-origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 87ms
55ms Preflight
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CODC6X_kbZc28EsK9-waEq6DABs7Gs9Ztz7iGm_cQZBABIIjZs5gBYJX6nYKsB6AB4uvB2wPIAQmpAp4jZukPlrE-4AIAqAMByANIqgSdAk_Q-BsSgNHdhmfnsBoOnfdaWt0uOf-VoqY2hP_iBqUf3XjFeiwNsyHMkYZoRrRsOj_VS-DlQxIRmXPQX87bmq-KQ0ocElU5-474HS07CwgxoYdmV2VgcdhgFDNmFmwsbDsVH-eJQZFU1sbNHjHyfCbG3BfPuULhIoFsFM8e1uekPBi9mQfq6fNwNy3JP-2Xiw4Zudr9q0LkZjqsqAgrOf_CQGRNgyQeivwsCtDXhtH6MgVUguWdv__2OoE7wlXbDZuC8RvI6ZT1n8wB_28sq-wo1th0sbVyR5VYdEWzv1igXU0TKal7rEaEpD8qdLedKT4H79k40GEhbRgdMhqI8FgM7bT8VPWgUYmd2MACogvczHccN1UyJ6lOPJSoOsAEwOXssaME4AQBiAWUjPilQ5IFBAgEGAGSBQQIBRgEoAYugAeGlL4kqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3LML0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJLWh0dHBzOi8vd3d3LmxlZC1saWNodHJhdW0uZGUvaW5uZW5iZWxldWNodHVuZ4AKAcgLAeINEwiWxvjO4dmBAxXC3t4KHYQVCGjYEw3QFQGYFgGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=ogTDQKFQCJ0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSLQDICaaNkiGI6VM6kQUQKEnKNxb5Mt6J-_VCO-U3sSJAg18Ei6T1rMbPpoK50xgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 11:22:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6E88
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

36ms
35ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Redirect headers

date: Tue, 03 Oct 2023 11:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 16796236122977498562
tpc.googlesyndication.com/simgad/ Frame 6E88 28 KB
28 KB 22ms
21ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16796236122977498562?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk3N941iy2XjVLeIIzRp06jRsSvKg

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

614b2e2e5c67b0cf593cff7cc15b02ea51b5309cee2f0cf1c339ef35325a21d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 07:34:54 GMT
x-content-type-options: nosniff
age: 272834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28949
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 12:06:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Sep 2024 07:34:54 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E88 3 KB
3 KB 26ms
25ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 50806
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Tue, 03 Oct 2023 21:15:22 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E88 344 B
368 B 26ms
26ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 81176
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Oct 2023 12:49:12 GMT

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 24E6 37 KB
15 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 575021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:27 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 2975 61 KB
23 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12e2c7dba4f94aee8d24dca931ae82a9e35309125d1c48bdc80187bb25d1eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1110
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23301
x-xss-protection: 0
server: cafe
etag: 14399278723672461634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 12:03:38 GMT

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AED 37 KB
15 KB 76ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 575021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:27 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 57E5 61 KB
23 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12e2c7dba4f94aee8d24dca931ae82a9e35309125d1c48bdc80187bb25d1eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1110
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23301
x-xss-protection: 0
server: cafe
etag: 14399278723672461634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 12:03:38 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F151 3 KB
3 KB 21ms
20ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 50806
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Tue, 03 Oct 2023 21:15:22 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F151 344 B
368 B 21ms
20ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 81176
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Oct 2023 12:49:12 GMT

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 6414 37 KB
15 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 575021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:27 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2975 0
234 B 987ms
194ms Ping
image/gif 2607:f8b0:4012:814::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lna8cnnm&chm=1&c=4445681601648912&ctx=2&qqid=CPjk-c7h2YEDFcLe3godhBUIaA&met.4=fb.3d~lb.6n~ol.jx~idt.19~dt.-ok&met.3=492.3m_1~733.c3~748.d4~742.c3_15~555.eo~739.eo~556.ep_1~738.js~749.jt_4~736.l7~735.lp_1~740.lq_1~113.nb_4~112.nb_5&met.1=1.lna8cn0c~6.5~7.5~8.5~9.5~10.5~12.7~13.r~14.t~15.2l~16.en~17.en~18.eq~19.jh~20.jh~21.jx~22.45~23.45&met.7=CBsQCBgBKAUwHjjNBWgIcBt4iReAAd0UiAGSMLABAbgBAw~CBIQBxgBIHooejDXAThdQHtIe1B7WLYBYJkBaLYBcNYBeIgHgAHcBIgB1xyqAR0KG0dvb2dsZSBTYW5zIERpc3BsYXk6NDAwLDUwMLABAbgBAw~CBwQChgBIIEBKIEBMOIBOGBoxQFw4QF4jQmAAeEGiAGQDrABAbgBAw~CAkQChgBIIQBKIQBMPEBOG5oxQFw4gF410mAAatHiAHNtwGwAQG4AQM~CB4QChgBIIQBKIQBMIACOHxoxgFwgAJ4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIIQBKIQBMN4BOFpAhAFIiQFQiQFYwgFgnQFoxQFw3AF4hkOAAdpAiAHdnAGwAQG4AQM~CE0QChgBIIUBKIUBMNgCONMBQIYBSJkBUJkBWMoBYK4BaMsBcLECeJ7XA4AB8tQDiAHY2AuwAQG4AQM~CBsQChgBIIYBKIYBMPQBOG8~CBcQAhgBIIkBKIkBMPcBOG5oxgFw8gF4mFOAAexQiAHsULABAbgBAw~CBcQAhgBIIkBKIkBMPgBOG9oxgFw9wF43TqAAbE4iAGxOLABAbgBAw~CBcQAhgBIIkBKIkBMPsBOHJoxQFw-AF45D-AAbg9iAG4PbABAbgBAw~CAQQAhgBIIoBKIcCMKkCOJ8BaIgCcJ4CeNr5A4ABrvcDiAGu9wOQAYoBmAH9AbABAbgBAw~CCgQChgBIP4FKP4FMJoGOBxo_wVwlgZ4sbgBgAGFtgGIAezoA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6E88 0
0 69ms
66ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca8D8X_kbZYSYHISr-watz62ICprij6Nz3oevl4oS29keEAEgiNmzmAFglfqdgqwHoAGzpIP3AsgBAqkCR4Ncm9GNsT7gAgCoAwHIAwiqBJgCT9DlpqnHcE-WN-y1pKoHrvb0RdG3c7vqu0LpjtSt5aIoat4awkm6QEWnTvfKBcIt8ZcQaf5l9XR51aPdQRtfzUntCZKvkrfq4DZ95_4i9tkCd-6x_m1TTC6rIH_ShLJj60wSBTkzYpzGWJymRbpBjUyzOck10B_WG904UuyN9ihu4l0uOQEbfj7kuvdLFjuX99QPNZuneXwqMhP0l8v2NXZt3TyS_I6NjjTlHZbqyCjbC4kSoeuIMAhVkcKRUH5K0V5L-gttvFlSrLU3IikqTw8Kou9i1SokSHxdka_BYIBEgBt_Q7rIyi5moS9Cn4IpOxUA34aXdiY5HDfxLnSKqfvMI3ANThuGx8-0n4rp3J4quYC8DTWPqsAEksGhpawE4AQBiAX9wYPfTJIFBAgEGAGSBQQIBRgEoAYCgAeT2fyIAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO7FHtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCawBaHR0cHM6Ly93d3cuaHltZXIuY29tL2RlL2RlLzIwMjMtMDUtc2FsZXMtY2FtcGFpZ24tYmVyYXR1bmdzdGVybWluLWItbWM_dXRtX3NvdXJjZT1kaXNwbGF5JnV0bV9tZWRpdW09YmFubmVyJnV0bV9jYW1wYWlnbj0yMDIzLTA4LWh5bWVyLWJtYy1zdG9ja3NhbGUmdXRtX2NvbnRlbnQ9WkctMi1BZC0xYoAKAcgLAaIMDCoKCgjktLEC7rWxAuINEwiN84HP4dmBAxWE1d4KHa1nC6HYEw3QFQGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=zhB6wAEl2bo&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNyuUHlBgpqUogZZ4Zo3shG4ny7mYsjq3R_upbMlbnGFKOz3jQcvwvW3AJucJunrTfvLw9MKHG6SlKajC8J-zasQv-QWVfqhgB&cbvp=2
Requested by: Host: 9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
URL: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 57E5 0
54 B 954ms
196ms Ping
image/gif 2607:f8b0:4012:814::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lna8cno1&chm=1&c=4445681601648912&ctx=2&qqid=CI3o-c7h2YEDFcLe3godhBUIaA&met.4=fb.f~lb.5u~ol.gj~idt.-2t~dt.-sm&met.3=492.5r_1~733.9e~748.9w~749.9x~742.9e_p~739.a3~736.ae_1~555.ai~556.ai_1~735.aw_2~738.gj~113.jp_1~113.jp~112.jp_1&met.1=1.lna8cn4e~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~22.2j~23.78~1.lna8cn18~6.1~7.5~8.5~9.5~10.h~11.5~12.k~13.13~14.14~15.26~16.3z~17.3z~18.3z~19.jo~20.jo~21.jo&met.7=CBsQCBgBMAE4AQ~CBsQBxgBIA4oDjBJODs~CBsQBxgBIA4oDjBxOGM~CBwQChgBIBMoEzBsOFpoNHBseI0JgAHhBogBkA6wAQG4AQM~CBsQChgBIBQoFDBkOFE~CAkQChgBIBUoFTBuOFloNHBteNdJgAGrR4gBzbcBsAEBuAED~CB4QChgBIBYoFjBtOFdoNHBseIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIBcoFzBQODloNHBNeIZDgAHaQIgB3ZwBsAEBuAED~CE0QChgBIBcoFzDaATjCAWg5cMoBeJ7XA4AB8tQDiAHY2AuwAQG4AQM~CBsQChgBIBgoGDBiOEk~CB8QBRgBIM4BKM4BMOsBOB1o1QFw6gF4vRuAAZEZiAH3VLABAbgBAw~CCgQChgBIPAEKPAEMIoFOBpo8ARwhgV4sbgBgAGFtgGIAezoA7ABAbgBAw~CBsQCBgBKAEwKDjEBVAGWBFgBmgVcCd4iReAAd0UiAGSMKABjv__________AbABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F151 0
54 B 940ms
198ms Ping
image/gif 2607:f8b0:4012:814::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1696332128982&c=4445681601648912&qqid=CN3Jg8_h2YEDFYTV3godrWcLoQ&rt=any.link.58.3g.q.1m.0.0.1c87.1bzv~any.script.58.3w.1.2r.0.0.499.40x~any.script.58.4a.f.2s.0.0.mmt.meh~any.script.58.3u.1.2p.0.0.1pn.1hb~any.script.58.3m.4.2f.0.0.a7y.9zm~any.link.59.w.1.u.0.0.15o.xc~any.img.5a.l.1.k.0.0.2lp.2dd~any.img.5a.m.1.l.0.0.hw.9k~any.css.6b.11.c.k.0.0.15m1.15dp~any.img.dk.m.1.k.0.0.2lp.2dd~any.img.dk.m.1.k.0.0.hw.9k&met.a4a=dcl.204~ol.477~nvs.1696332128446~ini.1696332128982
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F151 0
0 66ms
66ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDUZqX_kbZZ2eHISr-watz62ICuqduqxzkpSPsaQRz8iivcABEAEgiNmzmAFglfqdgqwHoAHlhq_aAsgBCakCR4Ncm9GNsT7gAgCoAwHIAwqqBKgCT9BDyg6qXdviyxxNZTsWSwaqGRghnm2KYOlz5kGf0InMDHuSt_7IgNwT7eiBt7rMNQEV66sS7vMvuZeR12W-x2uT4_ovnNztnV1iderKTyzqszoRQ7dvIjAkUOTRGfC8ww6q5EH3Rkh0PSjmmwLdR6QI8lmHtyiP9jgKLDAaQ4HvpEXs9eULQAd5LUSXrYjgQebLoW46TGqojF3-KsOss3NANXv6Dn56UFqSPE6HvcqKQHCwaEqzR_NAq-3nW5AMzvO4JOmJn5-QTpIAIq4Ra7lREruKoPjzNKQ9RA0-TbeSCprCW_Ajtn23sRY7czYjlUKCGVSR5tnzuwai4Rxs9jfpQtLNYhstBBW-ZpeOZJhNPqy71d3lZnYQQlZ0mKI_mjKRKwuWC63ABMWc5PWQBOAEAYgFgMe3xkaSBQQIBBgBkgUECAUYBKAGLoAHg_nQpQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCn3ATSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglDaHR0cHM6Ly93d3cuYnJhdW5zY2h3ZWlnZXItemVpdHVuZy5kZS9zcG9ydC9laW50cmFjaHQtYnJhdW5zY2h3ZWlnL4AKAcgLAaIMDCoKCgjktLEC7rWxAuINEwiO84HP4dmBAxWE1d4KHa1nC6HYEw6IFAHQFQGYFgGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=IHIXYXaGoPk&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNyuUHlBgpqUogZZ4Zo3shG4ny7mYsjq3R_upbMlbnGFKOz3jQcvwvW3AJucJunrTfvLw9MKHG6SlKajC8J-zasQv-QWVfqhgB&template_id=5000&cbvp=2
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 106ms
53ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 11:22:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 106ms
53ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 11:22:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 6E88 0
54 B 746ms
195ms Ping
image/gif 2607:f8b0:4012:814::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1696332128973&c=4445681601648912&qqid=CMTDg8_h2YEDFYTV3godrWcLoQ&rt=any.link.4y.3n.z.n.1b.m.1c87.1bzv~any.script.4y.4q.1.2o.0.0.499.40x~any.script.4z.51.h.2k.0.0.mmt.meh~any.script.4z.4f.2.2d.0.0.1pn.1hb~any.script.4z.54.2.33.0.0.a7y.9zm~any.img.51.r.5.l.0.0.mkh.mc5~any.img.51.v.1.t.0.0.2lp.2dd~any.img.51.u.1.s.0.0.hw.9k~any.img.cu.t.7.l.0.0.mkh.mc5~any.img.cu.s.2.p.0.0.2lp.2dd~any.img.cu.s.2.q.0.0.hw.9k&met.a4a=dcl.222~ol.798~nvs.1696332128423~ini.1696332128974
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 115ms
69ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309260101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79487ae60c8c0786fcdbc269b021bddc7fd51b22c8ebb13bf757c819d945e23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12162
x-xss-protection: 0

POST
H2 204 rum Show response
www.ukr.net/cdn-cgi/ 0
163 B 39ms
37ms XHR
text/plain 2606:4700::6812:980
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.ukr.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:980 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: application/json

Response headers

date: Tue, 03 Oct 2023 11:22:09 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ukr.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8104ce3feb4c18da-FRA

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
234 B 88ms
85ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.ukr.net&doc=complete&pg_h=4791&pg_w=1600&pg_hs=4791&c=4&aa_c=0&av_h=348.750&av_w=265&av_a=83625&s=10&all_s=10&b=3218&all_b=3218&d=0.291&all_d=0.291&ard=0.044&all_ard=0.044&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 57E5 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst71nunQaHHVg2lgaFcBJRWxWCPvdBw1Kva3a4oLKDDIj4NXG6_C0VJLJ5Xqy6Y925WpwH30bExnqmAyVcBWLXVWrPInMOzCYOI7A4k_RL0viN5w8KkgsWVLAXX_IHt4ozhj53sq9KVpOLm1VqU3eiWVVHJTTjHzNRynzF2XH3N&sai=AMfl-YSkNfRzp1LZCgvIsZFlUJEeHobmNmMT7rfJtHNt8RKkgwTyre3YLPNX35v32686LRccYao8Re_s3fPtIdMpBynaE5zzEoYtTZ3lo7_k&sig=Cg0ArKJSzCLN7bAqOvIEEAE&cid=CAQSLQDICaaNkiGI6VM6kQUQKEnKNxb5Mt6J-_VCO-U3sSJAg18Ei6T1rMbPpoK50xgB&id=lidar2&mcvt=1000&p=0,0,38,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=216364347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696332128270&rpt=357&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 11:22:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DD7 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 10:19:47 GMT
expires: Wed, 02 Oct 2024 10:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E634 829 B
998 B 33ms
32ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2aa1cc00d808ee45bfa9fbae9bd1c0be7255069cd6002316d625c57384d17ade

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G6nMU8OepBhgvmwpRN15XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-G6nMU8OepBhgvmwpRN15XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 11:22:09 GMT
expires: Tue, 03 Oct 2023 11:22:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2975 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsGg03WXy-z2fXo93AN00_O10ZCXNXtotetaZxOjAsaaSkVMnMXf2V4uTG3UrdSkaC0DRih78DOG57JM5r3hXtoxuj3On26j0nWb24SaYcRMapA5sec4TwSx_rCaRLcjvQuDbvmeOw5M-T&sai=AMfl-YRBR0ko8wFF_nlAVKOvWsHSZvIcUFWClLZcu7fWCshmBxbqOamxJx3fm0wUP5FHzImjerACb83izT-6NeRJFBO-M1cT3pF5kKFVwgkt&sig=Cg0ArKJSzPozlmOhcJHjEAE&cid=CAQSLQDICaaNkiGI6VM6kQUQKEnKNxb5Mt6J-_VCO-U3sSJAg18Ei6T1rMbPpoK50xgB&id=lidar2&mcvt=1000&p=89,130,689,290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3371586687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696332128124&rpt=713&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E634 0
0 58ms
58ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309260101&jk=4445681601648912&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DD7 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:48:27 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6E88 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv05jcEVH8LIC8YKKHdun5t44BfJn7ap6LgbzhV8wt2wNvxE9slEAsIxohWZPIqaK5j1SQIM3-1LEoKrYtMgxLEenSA4vpfQWIRL5erZq7eZpP87KLCRf8sIAGQkVyTSTtMRV0CKIAvjwlO&sai=AMfl-YTmULFFVhcDmcAlFZ3MdycJhWA4JDDQGgFvNztinsgfbiZ6YX5CAAMFEVauy8ptyW4EtAR7ul3HOiuTl-gK0HUFOOWnCbOZhC4lhUMU6Un7QX8KROgwel0WrbklmkWakaaX-A6sYva59BfS&sig=Cg0ArKJSzOvbCIx0vTIEEAE&cid=CAQSSwDICaaNyuUHlBgpqUogZZ4Zo3shG4ny7mYsjq3R_upbMlbnGFKOz3jQcvwvW3AJucJunrTfvLw9MKHG6SlKajC8J-zasQv-QWVfqhgB&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=554&tls=1563&g=100&h=100&tt=1563&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8DD7 0
11 B 21ms
21ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JucIVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:22:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 198ms
198ms Ping
image/gif 2607:f8b0:4012:814::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lna8cmf7&c=4445681601648912&e=31077098%2C31078018%2C31077231%2C31061691%2C31061692&ctx=1&met.9=1.mx~2.sp~9.0~3_1.vc~7_1.0~7_3.0~9.0~3_7.zb~7_7.0~7_9.0~7_10.0~4_1.1ix~5_1.1ja~5_3.1k3~4_7.1r4~5_10.1rm~5_7.1rq~5_9.1s2~6_1.23f~6_3.242~6_9.25p~6_7.2e0&met.10=1_1.CAAQABgAIMIIKAA~1_3.CAAQABgAIMMIKAA~1_5.CAAQABiAmHUgsAgoAA~1_4.CAAQABiAmHUgsAgoAQ~1_2.CAAQABiAmHUgsAgoAQ~1_3.CAAQABiAmHUg_wgoAA~1_1.CAAQABiAmHUg_wgoAA~1_2.CAAQABgAIOsJKAA~1_4.CAAQABgAIOsJKAA~1_5.CAAQABgAIOsJKAA~1_10.CAAQABiAmHUggQooAA~1_9.CAAQABiAmHUggQooAA~1_7.CAAQABiAmHUggQooAA~1_3.COzTAhDs0wIYgJh1IIUQKAE~1_1.CIDuBRCA7gUYgJh1IIUQKAE~1_9.CMCpBxCkPxiAmHUguhIoAQ~1_7.CPjJBBD4yQQYgJh1ILoSKAE&met.3=112.yd_2~415.23f~415.242~415.25p~416.27u~410.27u~416.28p~410.28p~415.2e0~113.2es_3&met.1=1.lna8clgu~6.0~7.0~8.h~9.h~10.1p~11.10~12.1x~13.2t~14.33~15.2w~16.au~17.ej~18.ej~19.2e0~20.2e0~21.2ee~22.7p~23.ki&qqid.1=CPjk-c7h2YEDFcLe3godhBUIaA&qqid.3=CI3o-c7h2YEDFcLe3godhBUIaA&qqid.2=CMTDg8_h2YEDFYTV3godrWcLoQ&qqid.4=CN3Jg8_h2YEDFYTV3godrWcLoQ&qqid.5=CI_zgc_h2YEDFYTV3godrWcLoQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 11:22:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309260101&jk=4445681601648912&bg=!ODulO3TNAAYEJRtnJCU7ADQBe5WfOBjpyHsH7Xb1hJ4zejykeFhtXoZnmJNYstUNHQeLEI2Syn9i22hzfiDEB_9bgQsZAgAAAIdSAAAAB2gBBwoAoH917NVbmYHBn6Aei93ZvLJZaneU1CHHg5AmDFn7m8vBphhghV0N69WzolBwGJUhGik0Xlzg0Np-xQyva8bABdHj4xdsKchqh5-DyjPNOLOXCJHvk3v32H2Lo5KoG2Z-SyKOthA7pRFCsLTPzCPqcQBqER18-HJj7uL3GjnZ7GmZwgiGyysrJldzb-Ss65TaMALa6SUu7LfrjAv30cKpitmZArAQK6fL3bOYl6aXhvZT_lrB7Sgne_Q3v0AZmvVyA3Hgo6fKalPGbFXXKQ_0pRhJme-T-wkvniC-8vhIX1zHODk14vn_QwXZbn31TVfsBvSn8cyDnETnvXMdrQnNDBg1jBMWxzydj_dXUkGcJKOOjvfxfQ6ikGiuQI4fNJmM3lZvr9LHanZa7xJsb8ovkPosMUGyGln3-cErL3NAWbLI5PKQZ47axPI3YPBNTR_ZkhmLCDCh7P4PF-ZacmxFBq1smPMSmJuHavDi7f9Mkshg1hvu_CHAxEtNHBcdupCyqpnEvvnuAkFsSmWRx2Y3QQ4qTnzfD5GfabWEH6kISZlZXz6ZZqqwnBEuqp_bsKkgIP1psxbuS8v8Uvdg9I7dW0oW3N6E2gO6v7xZZvdt40wthx2BH14ISrKsfm_ax4EZvOd7N9zCdr7pNg-0WnqJYw24IfDKNDLl-m131SKE1gsz93KsIrjeAoYLQ1gfIUHLqHERieGeEVjjD0gRAAOdzloVG9gVP122LhDxkDG7puaCRp5fM6D9qXMCAepb9MmIfEslw6LdpQaTRbEEKSwbZd7mPhOGyHpXd1gIbTQEQ0362dRJOGBTH5niI7K3Alpa4vpS99xKEJB9Z5mCIs6kWd9GOnE-hqi7Vn4cwPvyfZs8R-pmp_5buCKZokRm8rCD5LktGLljglgmOaPJ6hrDlKNqVJHKJL2zSXFw4grITeEawyZbPkQtAsyw0-uI2wvP51VF6cQ802EmlQ__gNe4WR07C-zATou1AdG-nA7lWIaeXLezjdziRDyih0dbiCK1zSmcP9aX_yDG-AP9PlP3oUtp6KsEoYsE7HnGUKGaPWAP-VmTKu1Dc12toF-cr7bBlBJoIKg6zVmEc2ir2_wsimlu3HnkqmsUW6WngtGUBDL-N-kH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

301 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukr.net/	1970-01-20 23:57:48	Name: news_lang Value: ua
.ukr.net/	1970-01-20 23:57:48	Name: un_news_region Value: 9
.ukr.net/	1970-01-20 23:57:48	Name: snr Value: 9
.ukr.net/	1970-01-20 23:57:48	Name: scr Value: 9
.ukr.net/	1970-01-20 23:57:48	Name: sfr Value: 9
.ukr.net/	1970-01-20 23:57:48	Name: uid Value: Cj1tBGUb+V6H+xAvB1Z6Ag==
.fwdcdn.com/	1970-01-20 15:12:13	Name: __cf_bm Value: 2xaHrY4vBDi7DDzTcgNNyWZbIPdC8ghS0vsZtO_KxaY-1696332126-0-ASaX1e9nvvwpiI5YdXQwEH2RBtD14aTm3PmiiTxOPj5N1+ms6a0Enj/CINGOYvuRjgV4LSvpoe0QK9Lr+dfGJYY=
www.ukr.net/	1970-01-20 21:57:12	Name: cbtYmKname Value: acdfcd6893af3656
m.mixadvert.com/	1970-01-20 15:12:12	Name: 5c5362e43922ddee8c2e648fc1ef599c Value: 444320
m.mixadvert.com/	1970-01-20 15:13:38	Name: 1947520a25a381ca1dab9debd3ddf52c Value: 1
.ukr.net/	1970-01-20 15:12:13	Name: __cf_bm Value: STcO67VlbORDgM8gr3MsgnLSKP7iYXXIUNW4DlnNyfU-1696332126-0-ASQoLyPkO7nZBTVNHD4TK4CuX23lwpu3CbfjZgvcNwbsxZ/DQclNAmZ19+S8vuNUHwN0oxVEJTmeX9RGEVOGnNE=
.ukr.net/	1970-01-20 23:57:48	Name: fuelId Value: 3
loadercdn.net/	1970-01-21 00:48:12	Name: vui Value: 3a62e749cde24da98fa43716f6457326
.ukr.net/	1970-01-20 23:57:48	Name: tracknew Value: 1696332126653903.1696332127.1
www.ukr.net/	1970-01-20 15:55:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ukr.net/	1970-01-20 23:57:48	Name: _pubcid Value: 61b46b24-c402-4edf-9d7e-e3e473b5020d
.go.rcvlink.com/	1970-01-21 00:48:12	Name: cache Value: sJ3Z7NHdvmw
.ukr.net/	1970-01-21 00:48:12	Name: _ga_75WQ2FHNW7 Value: GS1.1.1696332127.1.0.1696332127.60.0.0
.ukr.net/	1970-01-21 00:48:12	Name: _ga Value: GA1.1.2044042054.1696332127
.ukr.net/	1970-01-20 23:57:48	Name: pcity Value: 102948339
a4p.adpartner.pro/	1970-01-20 16:38:36	Name: apuid Value: bb8d9a1f-d7f6-49b2-9fbe-4edee6ec3486
.adsinteractive.com/	1970-01-20 16:32:50	Name: uids Value: adsint-2nmGAdf09ZyYEE4HWQCwbISW0Ei7hTXwUkoKINOj
.criteo.com/	1970-01-21 00:33:48	Name: uid Value: 7ec8dc92-07bc-4082-bfb5-4afed03e2038
.ukr.net/	1970-01-21 00:33:48	Name: cto_bundle Value: Po1oQl9GSGNBblFuc2lHJTJGU1lkaXRMaU9BQmNhZiUyQjRYTXlIZUk1Vlo4MnJudXZRM2JBJTJGJTJGaXlHcE5jZVlHWDUzV2tuVEFjOUYwZVdpZHhuaDZudmd3SGl1YzAlMkZaZTRMYkl3aUNtOEpNSEJURXdDSjVvYk5RemFlaUtxJTJGcTN3d0JwRWJKOW9zWU4xSVFNJTJCR081aXBxdWZJSXBYQSUzRCUzRA
cookies.nextmillmedia.com/	1970-01-20 15:22:16	Name: NMUID Value: csuid_03f09640-d843-4577-a37c-08a6ea769f12
.adtelligent.com/	1970-01-20 16:41:28	Name: vmuid Value: 02936f35ac82fa20
.adtelligent.com/	1970-01-20 16:41:28	Name: a307558 Value: bb8d9a1f-d7f6-49b2-9fbe-4edee6ec3486
.adtelligent.com/	1970-01-20 16:41:28	Name: a750634 Value: adsint-2nmGAdf09ZyYEE4HWQCwbISW0Ei7hTXwUkoKINOj
.trafmag.com/	1970-01-21 00:48:12	Name: vid Value: 6319399035796396
.ukr.net/	1970-01-21 00:33:48	Name: __gads Value: ID=72dd96f209050d73:T=1696332127:RT=1696332127:S=ALNI_Mafn8Jq23SJCAs2F6XgSARbz4rjmQ
.ukr.net/	1970-01-21 00:33:48	Name: __gpi Value: UID=00000cb44e1f27f7:T=1696332127:RT=1696332127:S=ALNI_MYqbDRfqLFxo4Jioj0wiBojQ4I6kA
.doubleclick.net/	1970-01-20 15:12:15	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:33:48	Name: IDE Value: AHWqTUn9h96wvw4S8V93sN3rLJPTHLJGN1lPuXk7XzRzX0curdLVs7bzbmyt1GyeIPA
.googleadservices.com/	1970-01-20 17:21:48	Name: ar_debug Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.ukr.net/api/v1/token/verification/acquire Message: Failed to load resource: the server responded with a status of 599 ()
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9466d7a83f0619cc1dbccc8ccc8ae8c5.safeframe.googlesyndication.com
a4p.adpartner.pro
accounts.ukr.net
ap.lijit.com
bid.adsinteractive.com
cdn.ampproject.org
cookies.nextmillmedia.com
counter.ukr.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
gum.criteo.com
loadercdn.net
m.mixadvert.com
mail.ukr.net
mug.criteo.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
player.adtcdn.com
player.adtelligent.com
region1.analytics.google.com
s.zfctrack.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
trafmag.com
upst.fwdcdn.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukr.net
zakladki.ukr.net
104.18.8.128
136.243.84.75
142.250.186.130
147.135.189.55
157.245.23.44
178.250.7.13
185.187.81.40
185.187.81.41
193.200.65.2
193.200.65.5
2001:4860:4802:32::36
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
216.52.2.91
23.227.139.243
2606:4700::6810:3965
2606:4700::6812:409
2606:4700::6812:980
2607:f8b0:4012:814::2003
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9c
2a02:2638:d::2
2a02:2638:d::d
2a06:98c1:3121::3
2a0c:5c87:5239::2
45.133.44.3
54.204.169.109
54.38.197.123
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
08fc807b6f0761f04903226d1362561623318797ff556534439d94a6810aa979
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513
179c282f75d9843cb791043ca27d2ea22aee6e74fae1a780b53470b928c6a083
1e279e2cb37c7872e2aab36687b0f8900b710f83082f8a7db12063c935dbb2be
1e4e3d546f00e410955c97940027e7bf5c195622724d0987cf61f7537844e763
1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463
1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
227d70f07a1184944e5fe0cbc2175e4808bc8dbcf27bb28721980e42d69a5f57
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2aa1cc00d808ee45bfa9fbae9bd1c0be7255069cd6002316d625c57384d17ade
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
355466a88281872ea9a9c5aea34d7e95c306397521965e5ffcb3712878d74768
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
3e623a810943d15ffa12d45d9732f837aa9eba1a20cf6eed0551032f84e90561
41a5acd50776736547d280053c1a4c3b9f52cd468e250337490c129265fe5b83
41b7fb6d384115885c126cd6ca2710c40e230aaf6259d5fa7687534fbfa9e0ce
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
4ca8234b7830f6beef93e1ed0e6620c11956b3a9b6a1e049f3ccab32ab41a1c9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5ab4d322a2fe1861dcb61cfcd9c35efe15fdbfbf4983960aa0bd7610268e844b
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
614b2e2e5c67b0cf593cff7cc15b02ea51b5309cee2f0cf1c339ef35325a21d3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
693bf7fa49fd119335445732f50bb00275a61920eedbee0eb9bf65fc8cbada0b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6be34124364e45c63ee958d6e52170de3c60e2fead91d217d37d7b92246f832a
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
6e16355f3ab24031b15847c78ea1efde078430a2b3c6469748fe014c0133a723
6e90b2b87607fd178648468c5425c0d6fc14f93e5602e1ffb9c7296dc536b1cf
6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090
7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221
7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
79487ae60c8c0786fcdbc269b021bddc7fd51b22c8ebb13bf757c819d945e23e
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
85a8855e56603f1620763c5fbb8ac73d9ca2ee93b337fcb2174df161bcef706e
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8d24475162646c582244b213cb173b4dd8d2c78ad882d9d5c874305d5e267b5b
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
9277130375cd18f09745049754ace5d05dfea60ba78be3403aa0d2fbf9e6a32d
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
946c4a8349e32781450a6c754d2ae39db54bb7ae58722dd73a97ddd6f6b32b4f
94d5313d2f6f2a8648a4880f4dda229eeb5a334635e7eeb0cf20573825a12fb0
992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9cd8a30f60bbe41b0bef677711421e212f254da66b1888a58bd99df2e696b448
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
a08dbb94238b5db0ac2d68789cf57064c31e8be79aa2a1a295a1fae86416f4b2
a47790061b20a5ab95020f92aeaa0f2cc3752744ca3b5352e76427921607e083
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac163455be145b3ada40e1c6e28851c5c95e5ab4a9c60f1b4b97c3462061156f
ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b388ec3da97be723d989249e1217ebb854890851e555e757f75ce3218e28f3e7
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c3281bab87c2a53dd24b64031e759b2d404ad5442eb5ab13a36cbb95ff951e8a
c51c155f198ce9ebac7faef4b3d360f11dc89b535512760390a02285ee87d6d9
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c80a44aee3847df1690cf572535ca735b36e3c0dd579f745ace1f58604de263e
cb6e1464285f27bddce8d9a47bc59600087c579bf004b95b0dde5007e82ee0b2
ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35
cf0e45b54057eb289b80397725e413d39bc5180d8992b93e24e9a979772e1207
d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757
d1c03ab7dff5ee0d57cca9e6a59ee8cee99682ff6c8a1df23ceb3de8034d2e16
d1f5599e5e988ee7e343cd3df74fbc04c597b1ed9406f2c62cb1135608ded71f
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e6b4d4bd8f20f46399529db4cfcc76d88faa578686da80b80c0daf2c99573f5c
e7641335b7b4f0ff306a794e1a53b40ef1c1b7046c012745e600737b9cbb040d
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
eeab334e63531792b1c376366ba64ee8aac176d26b29918b63c9da2140c42a40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12e2c7dba4f94aee8d24dca931ae82a9e35309125d1c48bdc80187bb25d1eb8
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f4319eae1897ed505a836a29f8b8aeec7f6249300d7504d1df9075ba68dbbdb2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
fd878d7b9cbcc8e5c3f4d37212e2ab9bc4bcc20281586ed64ab8485247ae77be
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

www.ukr.net Open in urlscan Pro 2606:4700::6812:980 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

180 Requests

96 %HTTPS

54 %IPv6

27 Domains

42 Subdomains

40 IPs

8 Countries

2171 kBTransfer

6277 kBSize

34 Cookies

284 Outgoing links

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ukr.net Open in urlscan Pro
2606:4700::6812:980 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

96 %
HTTPS

54 %
IPv6

27
Domains

42
Subdomains

40
IPs

8
Countries

2171 kB
Transfer

6277 kB
Size

34
Cookies

180 HTTP transactions
8 data transactions