urlscan.io logo urlscan.io
SecurityTrails logo

sum.in.ua Open in urlscan Pro
195.242.161.64  Public Scan

Go To Rescan Add Verdict Report
URL: http://sum.in.ua/
Submission: On November 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 6 countries across 18 domains to perform 89 HTTP transactions. The main IP is 195.242.161.64, located in Ukraine and belongs to FORTUNE-AS, UA. The main domain is sum.in.ua.
This is the only time sum.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 195.242.161.64 47434 (FORTUNE-AS)
21 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 3 88.212.202.52 39134 (UNITEDNET)
1 1 104.18.3.81 13335 (CLOUDFLAR...)
1 104.18.2.81 13335 (CLOUDFLAR...)
1 89.184.81.35 28907 (MIROHOST ...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.181.226 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 185.89.210.141 29990 (ASN-APPNEX)
1 2 52.51.122.229 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.34 15169 (GOOGLE)
1 2.19.104.189 16625 (AKAMAI-AS)
3 2600:9000:212... 16509 (AMAZON-02)
5 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
89 25
6    195.242.161.64 (Ukraine)

ASN47434 (FORTUNE-AS, UA)
sum.in.ua
21    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
1    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
1    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
i.i.ua
1    89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua
c.hit.ua
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    52.51.122.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-122-229.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
11    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2.19.104.189 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-189.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    2600:9000:2127:8400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    2600:1f18:1aca:4280:1fc3:ac55:be2f:e60d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
427 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
113 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
104 KB
10 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 898
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 570
103 KB
6 sum.in.ua
sum.in.ua
130 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
2 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11595
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
49 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
128 KB
2 i.ua
r.i.ua — Cisco Umbrella Rank: 268864
i.i.ua — Cisco Umbrella Rank: 833523
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
570 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
2 KB
1 hit.ua
c.hit.ua — Cisco Umbrella Rank: 185887
757 B
89 18
Domain Requested by
21 pagead2.googlesyndication.com sum.in.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
sum.in.ua
tpc.googlesyndication.com
pagead2.googlesyndication.com
11 s0.2mdn.net sum.in.ua
s0.2mdn.net
googleads.g.doubleclick.net
7 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
sum.in.ua
6 sum.in.ua sum.in.ua
5 dt.adsafeprotected.com googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 static.adsafeprotected.com fw.adsafeprotected.com
googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 counter.yadro.ru 2 redirects sum.in.ua
2 googleads4.g.doubleclick.net sum.in.ua
2 fw.adsafeprotected.com 1 redirects sum.in.ua
2 www.googleadservices.com sum.in.ua
2 www.googletagservices.com googleads.g.doubleclick.net
sum.in.ua
2 connect.facebook.net sum.in.ua
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 tags.bluekai.com googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.facebook.com connect.facebook.net
1 c.hit.ua sum.in.ua
1 i.i.ua sum.in.ua
1 r.i.ua 1 redirects
89 25

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
www.i.ua
hit.ua
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-05 -
2023-12-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 14 frames:

Primary Page: http://sum.in.ua/
Frame ID: 9431E4B5C2BE2086A0944C68200715B1
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36fdc21e673e9c%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ff1a5178a89b5cb%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small
Frame ID: 6076185C67158C6115CE5E1EC1F233E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 3F02D9CEB2D4C76C78CEA0A7E92261B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Frame ID: 85AB91531F99D2EAA4F5CD22EC884A8C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1701033455&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1701033454792&bpp=2&bdt=465&idt=252&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6868198912&nras=1&correlator=2752241482276&frm=20&pv=1&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=260
Frame ID: 59B695C41D33693626D55F65FE6B1AD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 6E891164EFA342CAC657D14448647A40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKaL-_4BMAE&v=APEucNU6JAgSS7AroHeXNwgJnhqcuwsLQUooLcDWG3ecP5bgJzZf4fY4LCur175_eDz8C97RiOooNVkBto4eWEyvl9PavdQEvHkJUfYcYjN-D20baOcdIpx3xcKAHxgTNn0ZZZdB8STTwLjPmwFRQuzTXtqqMG_WLb1WkD_pdd-k9WV3-ZDPF1M
Frame ID: 2DE29C7C3754FC681E9FC9A5491309DC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 89BC3DDE08323E485071C55812DEFBDC
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: F458B3C337302FD55F55B954773176FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EBBCC1EFF0DE9CC555B14C1150EEF31F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
Frame ID: C5B0CD418A104D96FCE08F2CE038203E
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 267B20074EC3C285A39515BF604CCAD3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE4F317CE681B8335E87891F305A91CF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A48F24071F3D92D02CA10C98AC5B6C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Академічний тлумачний словник української мови

Detected technologies

Overall confidence: 100%
Detected patterns
  • mootools.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Page Statistics

89
Requests

79 %
HTTPS

52 %
IPv6

18
Domains

25
Subdomains

25
IPs

6
Countries

1153 kB
Transfer

3061 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://connect.facebook.net/uk_UA/sdk.js HTTP 307
  • https://connect.facebook.net/uk_UA/sdk.js
Request Chain 7
  • http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.38893288912152335 HTTP 302
  • https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.38893288912152335 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.38893288912152335
Request Chain 8
  • http://r.i.ua/s?u122537&p268&n0.03703223943024625&c1&d24&w1600&h1200&rsum.in.ua/ HTTP 302
  • https://i.i.ua/r/3_3_5.png
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CWbPv77VjZdSqDMu029gPv8aRmAbS8sq3dPXulYrxEYrq0uCyARABIJmQug5glaKmgrAHoAHZ0uTPA8gBCakCB8Q0K5Nasj6oAwHIA8sEqgS2AU_QK_vrKnSz0VgnWGV0_YQS-gav5HSK-a2uflpFWznRWmv1OXtiB73EkNAXXLGSngBJFb1oG6YChoF4eyjxHVb7U64rlW-uU606drbKpeuBua5lnxItSc8ImhPSrjOSmF3-t53q8oy3GNGtvSaBrQLmdEd75KLMa4h5rb64lgfu5MfBxlXPIvTpUzskiCRv1khVnfJYx95WJHIlwd7Ed-mZyaouSbOTGTZnzYWDcb-C2wdPZxDOwASEtPX3xwSIBePt2ZhNkgUECAQYAZIFBAgFGASgBi6AB7vH4yqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD4pw_SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgmaAWh0dHBzOi8vZGUucGFuZG9yYS5uZXQvZGUvY29sbGVjdGlvbnMvcGFuZG9yYS1tZS8_cHNfa3c9JmNpZD1zZW06Z29vZ2xlX3NlYXJjaDpsb2NhbGJyYW5kOm5vX2NvbGxlY3Rpb246bG93ZXJmdW5uZWw6bm9fcHJvbW86Ojo6Ojo6bWl4ZWQ6Ojo6JmdjbHNyYz1hdy5kcyaACgHICwGYDM3S157BBKIMECoOCgzktLEC7rWxArW4sQK4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTI4NDMzNzQyMjE5MjI1MTUYAA&sigh=783dZ90AzFU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNa7qUFyiIvEIuKJRG1Jlxp7IVmP5LwJ64GFZ7JRt63yS_gXTttiwqBRfkSkwrIzAH4Wv8b3SAbpgy2Kp4WnrdG5Kh6B58YKpYNHAYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223968014947374644826%22,%22debug_reporting%22:true,%22destination%22:%22https://pandora.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972630361%22],%224%22:[%2211-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221175011212121944177%22}&andc=true
Request Chain 42
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoD0pDnejCw0jmApy72bJA&google_cver=1
Request Chain 43
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWO18NCf-BYqChN2xRgHdwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe3-XqezozociOHJhJZRr0&google_cver=1
Request Chain 44
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMEP9smUw1OvLDepl4IErQ0&google_cver=1
Request Chain 45
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4NTU5ODc2NTc1NjUxNDY3OA%3D%3D
Request Chain 73
  • https://fw.adsafeprotected.com/rfw/st/1847127/76687242/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014950547&ias_pubId=pub-2843374221922515&ias_chanId=1&ias_placementId=20792064609&bidurl=http://sum.in.ua/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iByWiD-31wky4dbDU_mwer&adsafe_url=http%3A%2F%2Fsum.in.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fsum.in.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-2843374221922515%26fa%3D1%26ifi%3D3%26uci%3Da!3&adsafe_type=be&adsafe_jsinfo=,id:a81678f9-5f3c-28c5-95f4-b4cbd844b97a,c:v79Fuq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-x2vxn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:135,mot:0,app:0,maw:0,fm:tWKL1UU+11%7C12%7C131%7C14%7C151*.1847127-76687242%7C1511%7C1512%7C1513,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:150,oid:38b0d458-8ca1-11ee-b8a2-9a6f94d56340,v:19.8.461,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sum.in.ua/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sum.in.ua/
Protocol
HTTP/1.1
Server
195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software
Apache/2.2.23 (CentOS) / PHP/5.3.6
Resource Hash
de2249dcd9be31eef43aeb0c2587d8933d759df934ed647ec6b1a9e640bd913d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Language
ru
Content-Type
text/html; charset=UTF-8
Date
Sun, 26 Nov 2023 21:17:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=3, max=15
Pragma
no-cache
Server
Apache/2.2.23 (CentOS)
Transfer-Encoding
chunked
X-Powered-By
PHP/5.3.6
common.css
sum.in.ua/com/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sum.in.ua/com/common.css
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
HTTP/1.1
Server
195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software
Apache/2.2.23 (CentOS) /
Resource Hash
a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 21:17:34 GMT
Last-Modified
Mon, 19 Jun 2017 16:31:43 GMT
Server
Apache/2.2.23 (CentOS)
ETag
"5c0c2f-36b7-55252ab982951"
Content-Type
text/css
Content-Language
ru
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=14
Content-Length
14007
computer.css
sum.in.ua/com/ 		424 B
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sum.in.ua/com/computer.css
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
HTTP/1.1
Server
195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software
Apache/2.2.23 (CentOS) /
Resource Hash
18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 21:17:34 GMT
Last-Modified
Mon, 07 Apr 2014 12:12:24 GMT
Server
Apache/2.2.23 (CentOS)
ETag
"5c0721-1a8-4f672c7b9ba98"
Content-Type
text/css
Content-Language
ru
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=15
Content-Length
424
mootools.js
sum.in.ua/com/ 		92 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sum.in.ua/com/mootools.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
HTTP/1.1
Server
195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software
Apache/2.2.23 (CentOS) /
Resource Hash
44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 21:17:34 GMT
Last-Modified
Tue, 02 Apr 2013 19:18:16 GMT
Server
Apache/2.2.23 (CentOS)
ETag
"5c0877-170eb-4d965996fae00"
Content-Type
application/x-javascript
Content-Language
ru
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=15
Content-Length
94443
ajax-nc19.js
sum.in.ua/com/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sum.in.ua/com/ajax-nc19.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
HTTP/1.1
Server
195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software
Apache/2.2.23 (CentOS) /
Resource Hash
bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 21:17:34 GMT
Last-Modified
Tue, 11 Sep 2018 02:17:27 GMT
Server
Apache/2.2.23 (CentOS)
ETag
"5c05da-28d2-5758f133b9bc0"
Content-Type
application/x-javascript
Content-Language
ru
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=15
Content-Length
10450
show_ads.js
pagead2.googlesyndication.com/pagead/ 		24 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e158d60481a687528c58d02966c05085c1ff8bbb5b8ac92998008af4a5c5eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 21:17:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14074974723103330115
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
10539
X-XSS-Protection
0
Expires
Sun, 26 Nov 2023 21:17:34 GMT
sdk.js
connect.facebook.net/uk_UA/
Redirect Chain
  • http://connect.facebook.net/uk_UA/sdk.js
  • https://connect.facebook.net/uk_UA/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
333b1b09a5abc768e2ec75d0a5ea91c4d02fd06c1f2460a52ffe335f83b1c20c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 26 Nov 2023 21:17:34 GMT
content-md5
x2i7OLWs4I+e1UnysVwLkA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
x-fb-debug
oFGKGmZvqPIGQBc9ZlZr2CDCyeVAkiQe1ebs7rTZ3JK0dT83f48vSzkwRp25NBIGQuEdrtLTq6MTvUE1seFenw==
x-fb-content-md5
bfacf0aa5b443833c52468f1000c0b5d
cross-origin-opener-policy
same-origin-allow-popups
etag
"43d5f624b9de5be182f91dcb402307a8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 26 Nov 2023 21:24:20 GMT

Redirect headers

Location
https://connect.facebook.net/uk_UA/sdk.js#xfbml=1&version=v2.7
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e79ed79e21183e6a86df2f87e07d2db25e46d55ec262f9820eb3546262540f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53061
x-xss-protection
0
server
cafe
etag
161889654334886280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 21:17:34 GMT
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%...
  • https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439...
  • https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u04...
129 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.38893288912152335
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e6f38935d5dd5e37a609a7da8bc092f805c0032daf39d51e5b1a2f2640eb0228
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 21:17:34 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
129
Expires
Sat, 26 Nov 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 21:17:34 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.38893288912152335
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 26 Nov 2022 21:00:00 GMT
3_3_5.png
i.i.ua/r/
Redirect Chain
  • http://r.i.ua/s?u122537&p268&n0.03703223943024625&c1&d24&w1600&h1200&rsum.in.ua/
  • https://i.i.ua/r/3_3_5.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_5.png
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:34 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Mar 2007 13:53:49 GMT
server
cloudflare
age
2141676
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82c528b45b495d3d-FRA
alt-svc
h3=":443"; ma=86400
content-length
1187
expires
Fri, 01 Nov 2024 02:22:54 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 21:17:34 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://i.i.ua/r/3_3_5.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
82c528b37fe5bbc2-FRA
alt-svc
h3=":443"; ma=86400
Expires
0
hit
c.hit.ua/ 		318 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.7111761406494865&r=&u=http%3A//sum.in.ua/
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
HTTP/1.1
Server
89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
c.hit.ua
Software
nginx/1.17.9 /
Resource Hash
2d04d2a3ff21de50836e82981d6426f8027b7e9ac8b3eea527b018adc45a264c

Request headers

Referer
http://sum.in.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 21:17:34 GMT
Server
nginx/1.17.9
Transfer-Encoding
chunked
Content-Type
application/x-javascript
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
rect.png
sum.in.ua/com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sum.in.ua/com/rect.png
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/com/computer.css
Protocol
HTTP/1.1
Server
195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software
Apache/2.2.23 (CentOS) /
Resource Hash
bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/com/computer.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 21:17:34 GMT
Last-Modified
Sat, 12 Oct 2013 10:19:45 GMT
Server
Apache/2.2.23 (CentOS)
ETag
"5c0881-8e7-4e88892f91e6e"
Content-Type
image/png
Content-Language
ru
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=14
Content-Length
2279
sdk.js
connect.facebook.net/uk_UA/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=0b40041defb6dd1f55e1a2625dfb47cc
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c83944a9ee6a3b44ace5271eacba04b79ce71fb974d8724f8be9c418a9db662b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://sum.in.ua/
Origin
http://sum.in.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 26 Nov 2023 21:17:34 GMT
content-md5
MnfvjLL+5i3aokBEv4+8AQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88499
reporting-endpoints
x-fb-debug
A19yFlcaKYjOZRLVchuc6UKB2ZpTI0eS0z7kc8lKnVZJEkkOp79ns3J1/CceCYLAIgTb1sA5GSZ42eGyzYJTtQ==
x-fb-content-md5
0825dabb4a4d13969613e56173ba8ace
cross-origin-opener-policy
same-origin-allow-popups
etag
"5ec6d04bd104228c337359a0839f26ed"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Mon, 25 Nov 2024 20:24:18 GMT
like.php
www.facebook.com/v2.7/plugins/ Frame 6076 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36fdc21e673e9c%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ff1a5178a89b5cb%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=0b40041defb6dd1f55e1a2625dfb47cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 26 Nov 2023 21:17:34 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
XoTi4KPe51oUL0oR+U2zc/CGo/3QG+ZtUU2AByznVLn68pD3g8rJaOl5ULw/xh+196wV7kpeJkdm0WbN7kDoBQ==
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0b384e1e288d10e61d9d7f91453bc1390278b3bba294b15971fe70365f0b7da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138528
x-xss-protection
0
server
cafe
etag
2934592789459007197
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 21:17:34 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 3F02 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
48078
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 07:56:16 GMT
etag
111328227650088477
expires
Sun, 10 Dec 2023 07:56:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 85AB 		167 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfc4d76f9d3436a0abea96c8c4fa785067adc942c48447866fb35ffc81aa26f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
48623
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 21:17:35 GMT
expires
Sun, 26 Nov 2023 21:17:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 59B6 		36 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1701033455&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1701033454792&bpp=2&bdt=465&idt=252&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6868198912&nras=1&correlator=2752241482276&frm=20&pv=1&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35e8bde350a7c1ec65ceff0350205c46a0f8fd5b342f47e185aee509a55d6731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14663
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 21:17:35 GMT
expires
Sun, 26 Nov 2023 21:17:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
447070c93425ac71ab73129ec57e0293904deb6fab9d7798c64b99fd0369040c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55796
x-xss-protection
0
server
cafe
etag
3093583423428145136
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 21:17:35 GMT
css
fonts.googleapis.com/ Frame 85AB 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 26 Nov 2023 21:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 26 Nov 2023 19:43:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Nov 2023 21:17:35 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 85AB 		225 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 04:32:33 GMT
x-content-type-options
nosniff
server
cafe
age
60302
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Mon, 27 Nov 2023 04:32:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 85AB 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 15:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 15:51:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 85AB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 09:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
42647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 09:26:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 85AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 08:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 08:57:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 85AB 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
79237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 85AB 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 21:17:35 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 85AB 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 19 Feb 2024 07:40:28 GMT
16233267846779951588
tpc.googlesyndication.com/simgad/ Frame 85AB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16233267846779951588?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0e977a94fe530537e3b6c79c8341f53530640ea14467c936c77342f97cec17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 14:42:56 GMT
x-content-type-options
nosniff
age
110079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2032
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 09:10:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Nov 2024 14:42:56 GMT
truncated
/ Frame 85AB 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 85AB 		246 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 85AB 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 6E89 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 18:43:06 GMT
etag
111328227650088477
expires
Sun, 10 Dec 2023 18:43:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 85AB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1261c0fa429b4e5a704c80bf7c3591845140d159f39347065ead46ed7344049e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2DE2 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKaL-_4BMAE&v=APEucNU6JAgSS7AroHeXNwgJnhqcuwsLQUooLcDWG3ecP5bgJzZf4fY4LCur175_eDz8C97RiOooNVkBto4eWEyvl9PavdQEvHkJUfYcYjN-D20baOcdIpx3xcKAHxgTNn0ZZZdB8STTwLjPmwFRQuzTXtqqMG_WLb1WkD_pdd-k9WV3-ZDPF1M
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 21:17:35 GMT
expires
Sun, 26 Nov 2023 21:17:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 89BC 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 21:17:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 89BC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 08:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 08:57:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 89BC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
79237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 89BC 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 21:17:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 89BC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cs5iI1vAcHRFpKB6p0tpf-5QHmm9NuzalmuoVtfmHwE7P-zDlGnu7ATYzfXKs6c2YM-uX86RSXfrWnHbGeaibJOgq55ZW39i4TNUoJGKCtBN2jeLs
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 89BC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1594244370124556687&x=1&ct=76
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 85AB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CWbPv77VjZdSqDMu029gPv8aRmAbS8sq3dPXulYrxEYrq0uCyARABIJmQug5glaKmgrAHoAHZ0uTPA8gBCakCB8Q0K5Nasj6oAwHIA8sEqgS2AU_QK_vrKnSz0VgnWGV0_YQS-gav5HSK-a2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223968014947374644826%22,%22debug_reporting%22:true,%22destination%22:%22https://pandora.net%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223968014947374644826%22,%22debug_reporting%22:true,%22destination%22:%22https://pandora.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972630361%22],%224%22:[%2211-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221175011212121944177%22}&andc=true
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"3968014947374644826","debug_reporting":true,"destination":"https://pandora.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972630361"],"4":["11-26"],"6":["true"]},"priority":"500","source_event_id":"1175011212121944177"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 26 Nov 2023 21:17:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 26 Nov 2023 21:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3968014947374644826","debug_reporting":true,"destination":"https://pandora.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972630361"],"4":["11-26"],"6":["true"]},"priority":"500","source_event_id":"1175011212121944177"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 85AB 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:01:51 GMT
x-content-type-options
nosniff
age
346545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 21:01:51 GMT
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame F458 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1701033455&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&wgl=1&dt=1701033454619&bpp=150&bdt=291&idt=396&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&abxe=1&correlator=2752241482276&frm=20&pv=2&ga_vid=1814097125.1701033455&ga_sid=1701033455&ga_hid=1179660565&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079606%2C44795922%2C44809005%2C44809314%2C31078301%2C44807763%2C44808149%2C44808285%2C44809053%2C31079699&oid=2&pvsid=4254141193312054&tmod=113679682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:09:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
472098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 10:09:18 GMT
rum
dsum-sec.casalemedia.com/ Frame 2DE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoD0pDnejCw0jmApy72bJA&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoD0pDnejCw0jmApy72bJA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKaL-_4BMAE&v=APEucNU6JAgSS7AroHeXNwgJnhqcuwsLQUooLcDWG3ecP5bgJzZf4fY4LCur175_eDz8C97RiOooNVkBto4eWEyvl9PavdQEvHkJUfYcYjN-D20baOcdIpx3xcKAHxgTNn0ZZZdB8STTwLjPmwFRQuzTXtqqMG_WLb1WkD_pdd-k9WV3-ZDPF1M
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGnO9kiQBW3YYMG4slZgNO4HDlBsBv0hXdkjWBz0zmKDfsZo86ZCr0cfHrkRxQMCDlSksXej%2Fy%2B8uX%2BoPbtiq52FZrM55VEfTnABl%2FktPFePxUvk8wX4feQIQVwJ1MECOT7xkgOX1GTxnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82c528bcad919013-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoD0pDnejCw0jmApy72bJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2DE2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWO18NCf-BYqChN2xRgHdwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe3-XqezozociOHJhJZRr0&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe3-XqezozociOHJhJZRr0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKaL-_4BMAE&v=APEucNU6JAgSS7AroHeXNwgJnhqcuwsLQUooLcDWG3ecP5bgJzZf4fY4LCur175_eDz8C97RiOooNVkBto4eWEyvl9PavdQEvHkJUfYcYjN-D20baOcdIpx3xcKAHxgTNn0ZZZdB8STTwLjPmwFRQuzTXtqqMG_WLb1WkD_pdd-k9WV3-ZDPF1M
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Sm7GddnvqDVKEH4YeO%2FwJkgmBV%2Fy6UNmIleAJcL6S73mycf%2BkbQ5kKxJpzgx0HGfwMbzrNaUor5VJqD%2BUPGzbZO%2FqOgV3EQPkdfMZybD6DG5mRjywhxTNeWKtxl7yJhv%2BWvYLFhAw9TiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82c528bccda89013-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe3-XqezozociOHJhJZRr0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2DE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMEP9smUw1OvLDepl4IErQ0&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMEP9smUw1OvLDepl4IErQ0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKaL-_4BMAE&v=APEucNU6JAgSS7AroHeXNwgJnhqcuwsLQUooLcDWG3ecP5bgJzZf4fY4LCur175_eDz8C97RiOooNVkBto4eWEyvl9PavdQEvHkJUfYcYjN-D20baOcdIpx3xcKAHxgTNn0ZZZdB8STTwLjPmwFRQuzTXtqqMG_WLb1WkD_pdd-k9WV3-ZDPF1M
Protocol
H2
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
an-x-request-uuid
95489f56-ff90-4fb8-a535-55c31d9d5f0a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMEP9smUw1OvLDepl4IErQ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2DE2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4NTU5ODc2NTc1NjUxNDY3OA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4NTU5ODc2NTc1NjUxNDY3OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKaL-_4BMAE&v=APEucNU6JAgSS7AroHeXNwgJnhqcuwsLQUooLcDWG3ecP5bgJzZf4fY4LCur175_eDz8C97RiOooNVkBto4eWEyvl9PavdQEvHkJUfYcYjN-D20baOcdIpx3xcKAHxgTNn0ZZZdB8STTwLjPmwFRQuzTXtqqMG_WLb1WkD_pdd-k9WV3-ZDPF1M
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
an-x-request-uuid
e1337a60-d177-4260-a854-25d1bab07f42
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4NTU5ODc2NTc1NjUxNDY3OA%3D%3D
x-proxy-origin
178.162.209.134; 178.162.209.134; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223968014947374644826%22,%22debug_reporting%22:true,%22destination%22:%22https://pandora.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972630361%22],%224%22:[%2211-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221175011212121944177%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 21:17:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 89BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1035194463203&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 89BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1035194463203&version=m202309260101&ct=76&x=1&cor=1594244370124556800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 89BC 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAf5J2Bj4IkOxPRKL4xw3dJlPIfSceLhmIKDB_iuzeJViLOSNRItOWbc0N_BTF7ZFJzFDyt9KJfucBgwFOc3p2EjiE8qMBr2mTFmfYSWie3H90kEKryoqZ6hp5nC7OdgvfxCrh7h_kRn3lqjo3q41feTFAnhMf_f3DNZZJQcZpvTrfpvc&dbm_d=AKAmf-D2t0AibJYeNo5KZ9GgtchXnnuOJXG04cFMSDToSX4uJbkPrQGoNCoWfN5AnsajeSnub5iw5PGlCC9MCVZVJ50RPzqKjPTTRKtMbQiaK8sKoX51Xiu3KR7uuSmh0ouq42XDAnmfE9c6TQ3PuEq4S4VnLvCTz9C0YrwQiVLXVvXfo6j9Nf3D3x1I55z51fox_Uhb8RNQTI45v9hoR0kQp17Ebzvi7AkB6996Col-bAbE3CWtYHy1K1HGMS0gsuevz-IMrpkjf4eXMaoWBcx9qsm1LHOeDel_CHXL66zApJcM1cskG-vZpalNNMxGZmq4xLwhgf9aSjWIrAqjDiox-r5h0l827GvoVAMP4vyg7PZze1IRYg6OdAsei6qmgenPHJ2Am-Vbobea0A9RKVuoJ6zuDNH9ChuFNxyIIlkCXmUEms_fbKOAt_7BN-FMwDP0hrbIyrrA7CprS3iBwVIkWRY0tsZYeg3XO9M4khAkZ4bRdm2KoaUK_sU9FcmzU-sNjMET81PEFAQTBnvAvvhqTcVXOYAhM-Vx9qDbbUBp2r8xWKkGw0mtt68dKbkk-yAuV1pdMkllfp-HHgFMrIzi7Tm3Xk7RW5FeIVFO-fGpsYLt5rMl0szfPENrtByKpLxXfAzaldaU_jgAFKpWlP3Nb6GKAxNdgEdPMesOwO9yUvrMtSIbbeZN2N3ElYbLk6JrcrZDo41o0Zdz1UbV5VGnuB7yXg5vMvq3dxJiq6riNz3ZMtgTsd9vmNDPQ2k-Ia9xSvygcbODBNFvT2wN60oIZr5M2I7g-GswylXEBa8Al3Kc-10lX0s2gAf9crE5UXernYoubgpf4TRI3MijaEffeUI29mpYaZL4mGdzKgQO_SQTCm9YISnmqZb6cXS2SFRiMdxCVlyYmx9szhmaEcrfNQhKpq14TNIbR0pHr9eGlHLWE6CVbhjzDdlDsdoWI67uXblEoBNcKT5wrzQ3aODZO1Bvy7HANv1rH338lB2_OIH15WJSNlNHcS2TTKyt9va6CyC43Peq1VYfJ7pU7mPvVd4Gw-8cDwb0FydSHkUKypJuez45lWl1Iup8mh1bnFqd9j9s0R03hqiFVin1NaI8pgDP_QyHMzy-pN3kB6Q2iC9PcD0VYW15IwiEba8VbIrOJ5ouaIocYUlO-D0M6bjDNUyWmltngLtjf0Yryg6lcW-tdC2IVYonGAK_G4LkCK51i5zoZCaJiIW2Qah-nBKQokhsQV8F4uNX-ajcpTsFvZaewCspTQgLYQ2ZNJJKWqp1OowyQl7LmGHsldXI19opd6wpxcRaZWAefm-GWS7eNgj68yjk3-ad_HVfEmQnZ8z4TMEhFflHZhr6xYCdLw0atcqX_eti01hmNAV_eHffmeNtDmvGhbH4VoSNCUhMzGbMTzQSP-tIB4lkNiI5nxE65dmNK30cpiOVKw89ie1aEg_2wPzBWseObDZ5Dakwi2lh90B5fVnGXIltnBOhL6vIq0KglXKshJK4T0K3ErdTLQjYhO6Ggn-kMuZ6Auc4JW6qyAzSqkXs4TEtsBArnJADcZHtfPiVbost12mIaA6qUWTTsrs5FmanCzA46ySiv98YL2NRWhTid7-lNkzugoyJFLqBJxYZmm7d8ixc2uA0Q4vRBsLWEv31tSjLVbn4ccYRhOyu49BVMX-p2JVXuRpqQtv-obvCALiP9TuyCkWauONhmlkT_Eh-ncp8huqVxpCZ39380i_cJawXy_8zzmp9H-eTtzp8fdhO-e08l7M50H7oAnEitaYm3uVWbbWwVisUec1md9aJTdnl6NLlrEgEm3OEAp9nKeQtrXK9oKLgJoJ2FBln2Nwc0KttDT5EuMXICauHOw5za6A5LV4WbSj9njMzm0ciX8YYhDpm56R-PyRNMlqjHNH_94yo1uQcNGD_CPjUiaIZw8-FE6wAy9RACSp60nSyfxhaX1vAMk4Jf_qesXhw8RiTtDF8X9AQiX64D0rXwOCjclaStELbMVew1GkaQaswtuvGcb_EJvWe1M0jMhMXwE6aZ_gRCuLEHnLOomeohBiH-QEQ--Of7vI9QGggi9ySC1YkcXGQ29QASgPi6UokN0j9q8lLs-eSKLHO2h3zhIk6Z3_r3a5vb2Y5WRjFmvuJBtJ25SF19qFxQI8bP8Ul0j-Lqfuy1VbhIndwUfi7vHEqx5HcTLFq0z5D5McTQ2CCC0YVXNH_mfsvnvJFQ7yDPvTXCDHP2P49ghRmyvl8PVU6O94nEJv9kNdCuobd24aSwGtmjHqa3AXZ9K9l-1cXnRVj98Hrw10S1P0xL1hxqyLfFXPOe-k8iNyj-43fq8LH2RKyn71wjoy636MTqysGG3xp7cWXu58JZRfg-54Rexkxlo5S1ODGPUn1ha7RaQyzJumtt4enBrPgfmBIrlalGb39FXUeJr3e8y_7RvgdkNLKS-gPXhXgYI53lAjSi-D7aF0gUY9foHUv567Oovzk-WDyLcYWQocy-bAFV_S3CmH6PWzdoVuOV-EXnRiIO4RTT3zsHEPc5zwHtAcTcuzglVbpnnHx8kdHZrSBM_wN5w29RHtarQIbHIwCKCD6OHZHiwbHtc2G3SV_FrnSFeeHhefBaPVRaysbNjlWWqhRFVk6HNv44QtBIwmOk9L6D-XPgvVha2lQvCac1nm4Z5iSn1EuisNNqzNbu84TaU_Q6O_LCU-lLDxhW9nktjGP-yD1ggiaviQkJt2nzFosR3myqC8kFoBbZ3l0M6UMnmrq-h3Z7yIoPmd55MnVVGM4N5HKN3wAx27TKUYCfBz3bObZOmW3i2h34q9lLBC59j6FORpp3dw07LkAOxSzPf2bP3m3r96S4OtVvfBcZtEI9wUPXGYBrk2UgTGGldFt6bjEUjedr4r8lVKqqX4CXc9mAlZvxg9h_YXIHMGHWIw2sE4mjzgWur5F2z3NJGj2x1lclFRyr2xRdgaoILiBBqoKEKfChpAhPnll8pf1S-0oKVdbNtFdgKxRoFEY6Ia5X0_KIJGTU4pgSEo6T26LAia1Uk5pTnfsipm3jio2o7IG7RJasOUWBYODuxaBnZal88rz6UkBOo-Vx74FNd1icVcNWtNiYF9vKuUSWghbVSRUQJKd4YQw0gxKnsnLNwvIg8f-v-FLozK1aTmrxDVLBL6VwG5qLt3du0vqPi3YGpDfPOB2Fv3idzaNX6SAHLBcZQbjp6IxzrAHMfhxXJinWF2pZgXVxrut7qXPF7u_MR2x7SXTzpB9k9D9kt7_PBvNQaBy9RAdGVWUtmHc8cTYhxkoQWC2r-RGFPDP6E_bXysDsnVaDVAaU4XberU8UM1Y5HPjEYFIs-Q75kYMuEBIpqts5P4wRmDO5dSI2ySYAPpqHZnAPARZqBb3Gi5fSJAC6y0M6eQdchXzBZdO3mTY65XS1IXtXuoGvySGmbi9A7f07ZKUaVBopLAS494lI5JHCahv245CUgubQrrL2PQ73qVkbHHB1oNNgA229dSF36FCJorP6ZoLPY3etAP7i0mI7N6YTXCkAKYu3V50T9mciyzfYQJUT8igjoTeiTKYlWryQaWreDS8QMRa_hv9n5VWSQt78lbg87MWSZF7JFjLZz2uWU7wfX1ZgWLwqj-_vAKGYBbMNlv1gNDrrhijGcageXynkTPyGcHavdwNYdewmQOLWKCNe05yugQvCIhi4eMk-avhz1RizfDyCT1i_L2L9uXY1QzWhiBVNxjVN5-9FZkI8bBCZtidfUYO347OjLPGWmmga7M&cid=CAQSTgDICaaNlMYucfmDhEmQLRgkcAR8wJPcbYy-ti5381ty-BSUvhvZiVlmVx4KcEluvxkn5IVn0dt45eZuQtzwF9Pkc9ua97gHs6Bq9A5xSRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsum.in.ua%2F&ds=l&xdt=1&iif=1&cor=1594244370124556800&adk=1761367587&idt=140&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1053b4473d172c78b86099204d5d84224b18d62a51e6053cb7de4bac3011bfac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42220
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1847127/76687242/ Frame 89BC 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1847127/76687242/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014950547&ias_pubId=pub-2843374221922515&ias_chanId=1&ias_placementId=20792064609&bidurl=http://sum.in.ua/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iByWiD-31wky4dbDU_mwer
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.122.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-122-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
52fc141c457e0bd84d732f4504bdab186f540c31aaf3932561e8d8868ca8a908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 89BC 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Nov 2023 07:40:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 89BC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAf5J2Bj4IkOxPRKL4xw3dJlPIfSceLhmIKDB_iuzeJViLOSNRItOWbc0N_BTF7ZFJzFDyt9KJfucBgwFOc3p2EjiE8qMBr2mTFmfYSWie3H90kEKryoqZ6hp5nC7OdgvfxCrh7h_kRn3lqjo3q41feTFAnhMf_f3DNZZJQcZpvTrfpvc&dbm_d=AKAmf-D2t0AibJYeNo5KZ9GgtchXnnuOJXG04cFMSDToSX4uJbkPrQGoNCoWfN5AnsajeSnub5iw5PGlCC9MCVZVJ50RPzqKjPTTRKtMbQiaK8sKoX51Xiu3KR7uuSmh0ouq42XDAnmfE9c6TQ3PuEq4S4VnLvCTz9C0YrwQiVLXVvXfo6j9Nf3D3x1I55z51fox_Uhb8RNQTI45v9hoR0kQp17Ebzvi7AkB6996Col-bAbE3CWtYHy1K1HGMS0gsuevz-IMrpkjf4eXMaoWBcx9qsm1LHOeDel_CHXL66zApJcM1cskG-vZpalNNMxGZmq4xLwhgf9aSjWIrAqjDiox-r5h0l827GvoVAMP4vyg7PZze1IRYg6OdAsei6qmgenPHJ2Am-Vbobea0A9RKVuoJ6zuDNH9ChuFNxyIIlkCXmUEms_fbKOAt_7BN-FMwDP0hrbIyrrA7CprS3iBwVIkWRY0tsZYeg3XO9M4khAkZ4bRdm2KoaUK_sU9FcmzU-sNjMET81PEFAQTBnvAvvhqTcVXOYAhM-Vx9qDbbUBp2r8xWKkGw0mtt68dKbkk-yAuV1pdMkllfp-HHgFMrIzi7Tm3Xk7RW5FeIVFO-fGpsYLt5rMl0szfPENrtByKpLxXfAzaldaU_jgAFKpWlP3Nb6GKAxNdgEdPMesOwO9yUvrMtSIbbeZN2N3ElYbLk6JrcrZDo41o0Zdz1UbV5VGnuB7yXg5vMvq3dxJiq6riNz3ZMtgTsd9vmNDPQ2k-Ia9xSvygcbODBNFvT2wN60oIZr5M2I7g-GswylXEBa8Al3Kc-10lX0s2gAf9crE5UXernYoubgpf4TRI3MijaEffeUI29mpYaZL4mGdzKgQO_SQTCm9YISnmqZb6cXS2SFRiMdxCVlyYmx9szhmaEcrfNQhKpq14TNIbR0pHr9eGlHLWE6CVbhjzDdlDsdoWI67uXblEoBNcKT5wrzQ3aODZO1Bvy7HANv1rH338lB2_OIH15WJSNlNHcS2TTKyt9va6CyC43Peq1VYfJ7pU7mPvVd4Gw-8cDwb0FydSHkUKypJuez45lWl1Iup8mh1bnFqd9j9s0R03hqiFVin1NaI8pgDP_QyHMzy-pN3kB6Q2iC9PcD0VYW15IwiEba8VbIrOJ5ouaIocYUlO-D0M6bjDNUyWmltngLtjf0Yryg6lcW-tdC2IVYonGAK_G4LkCK51i5zoZCaJiIW2Qah-nBKQokhsQV8F4uNX-ajcpTsFvZaewCspTQgLYQ2ZNJJKWqp1OowyQl7LmGHsldXI19opd6wpxcRaZWAefm-GWS7eNgj68yjk3-ad_HVfEmQnZ8z4TMEhFflHZhr6xYCdLw0atcqX_eti01hmNAV_eHffmeNtDmvGhbH4VoSNCUhMzGbMTzQSP-tIB4lkNiI5nxE65dmNK30cpiOVKw89ie1aEg_2wPzBWseObDZ5Dakwi2lh90B5fVnGXIltnBOhL6vIq0KglXKshJK4T0K3ErdTLQjYhO6Ggn-kMuZ6Auc4JW6qyAzSqkXs4TEtsBArnJADcZHtfPiVbost12mIaA6qUWTTsrs5FmanCzA46ySiv98YL2NRWhTid7-lNkzugoyJFLqBJxYZmm7d8ixc2uA0Q4vRBsLWEv31tSjLVbn4ccYRhOyu49BVMX-p2JVXuRpqQtv-obvCALiP9TuyCkWauONhmlkT_Eh-ncp8huqVxpCZ39380i_cJawXy_8zzmp9H-eTtzp8fdhO-e08l7M50H7oAnEitaYm3uVWbbWwVisUec1md9aJTdnl6NLlrEgEm3OEAp9nKeQtrXK9oKLgJoJ2FBln2Nwc0KttDT5EuMXICauHOw5za6A5LV4WbSj9njMzm0ciX8YYhDpm56R-PyRNMlqjHNH_94yo1uQcNGD_CPjUiaIZw8-FE6wAy9RACSp60nSyfxhaX1vAMk4Jf_qesXhw8RiTtDF8X9AQiX64D0rXwOCjclaStELbMVew1GkaQaswtuvGcb_EJvWe1M0jMhMXwE6aZ_gRCuLEHnLOomeohBiH-QEQ--Of7vI9QGggi9ySC1YkcXGQ29QASgPi6UokN0j9q8lLs-eSKLHO2h3zhIk6Z3_r3a5vb2Y5WRjFmvuJBtJ25SF19qFxQI8bP8Ul0j-Lqfuy1VbhIndwUfi7vHEqx5HcTLFq0z5D5McTQ2CCC0YVXNH_mfsvnvJFQ7yDPvTXCDHP2P49ghRmyvl8PVU6O94nEJv9kNdCuobd24aSwGtmjHqa3AXZ9K9l-1cXnRVj98Hrw10S1P0xL1hxqyLfFXPOe-k8iNyj-43fq8LH2RKyn71wjoy636MTqysGG3xp7cWXu58JZRfg-54Rexkxlo5S1ODGPUn1ha7RaQyzJumtt4enBrPgfmBIrlalGb39FXUeJr3e8y_7RvgdkNLKS-gPXhXgYI53lAjSi-D7aF0gUY9foHUv567Oovzk-WDyLcYWQocy-bAFV_S3CmH6PWzdoVuOV-EXnRiIO4RTT3zsHEPc5zwHtAcTcuzglVbpnnHx8kdHZrSBM_wN5w29RHtarQIbHIwCKCD6OHZHiwbHtc2G3SV_FrnSFeeHhefBaPVRaysbNjlWWqhRFVk6HNv44QtBIwmOk9L6D-XPgvVha2lQvCac1nm4Z5iSn1EuisNNqzNbu84TaU_Q6O_LCU-lLDxhW9nktjGP-yD1ggiaviQkJt2nzFosR3myqC8kFoBbZ3l0M6UMnmrq-h3Z7yIoPmd55MnVVGM4N5HKN3wAx27TKUYCfBz3bObZOmW3i2h34q9lLBC59j6FORpp3dw07LkAOxSzPf2bP3m3r96S4OtVvfBcZtEI9wUPXGYBrk2UgTGGldFt6bjEUjedr4r8lVKqqX4CXc9mAlZvxg9h_YXIHMGHWIw2sE4mjzgWur5F2z3NJGj2x1lclFRyr2xRdgaoILiBBqoKEKfChpAhPnll8pf1S-0oKVdbNtFdgKxRoFEY6Ia5X0_KIJGTU4pgSEo6T26LAia1Uk5pTnfsipm3jio2o7IG7RJasOUWBYODuxaBnZal88rz6UkBOo-Vx74FNd1icVcNWtNiYF9vKuUSWghbVSRUQJKd4YQw0gxKnsnLNwvIg8f-v-FLozK1aTmrxDVLBL6VwG5qLt3du0vqPi3YGpDfPOB2Fv3idzaNX6SAHLBcZQbjp6IxzrAHMfhxXJinWF2pZgXVxrut7qXPF7u_MR2x7SXTzpB9k9D9kt7_PBvNQaBy9RAdGVWUtmHc8cTYhxkoQWC2r-RGFPDP6E_bXysDsnVaDVAaU4XberU8UM1Y5HPjEYFIs-Q75kYMuEBIpqts5P4wRmDO5dSI2ySYAPpqHZnAPARZqBb3Gi5fSJAC6y0M6eQdchXzBZdO3mTY65XS1IXtXuoGvySGmbi9A7f07ZKUaVBopLAS494lI5JHCahv245CUgubQrrL2PQ73qVkbHHB1oNNgA229dSF36FCJorP6ZoLPY3etAP7i0mI7N6YTXCkAKYu3V50T9mciyzfYQJUT8igjoTeiTKYlWryQaWreDS8QMRa_hv9n5VWSQt78lbg87MWSZF7JFjLZz2uWU7wfX1ZgWLwqj-_vAKGYBbMNlv1gNDrrhijGcageXynkTPyGcHavdwNYdewmQOLWKCNe05yugQvCIhi4eMk-avhz1RizfDyCT1i_L2L9uXY1QzWhiBVNxjVN5-9FZkI8bBCZtidfUYO347OjLPGWmmga7M&cid=CAQSTgDICaaNlMYucfmDhEmQLRgkcAR8wJPcbYy-ti5381ty-BSUvhvZiVlmVx4KcEluvxkn5IVn0dt45eZuQtzwF9Pkc9ua97gHs6Bq9A5xSRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsum.in.ua%2F&ds=l&xdt=1&iif=1&cor=1594244370124556800&adk=1761367587&idt=140&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
67355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 02:35:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 89BC 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAf5J2Bj4IkOxPRKL4xw3dJlPIfSceLhmIKDB_iuzeJViLOSNRItOWbc0N_BTF7ZFJzFDyt9KJfucBgwFOc3p2EjiE8qMBr2mTFmfYSWie3H90kEKryoqZ6hp5nC7OdgvfxCrh7h_kRn3lqjo3q41feTFAnhMf_f3DNZZJQcZpvTrfpvc&dbm_d=AKAmf-D2t0AibJYeNo5KZ9GgtchXnnuOJXG04cFMSDToSX4uJbkPrQGoNCoWfN5AnsajeSnub5iw5PGlCC9MCVZVJ50RPzqKjPTTRKtMbQiaK8sKoX51Xiu3KR7uuSmh0ouq42XDAnmfE9c6TQ3PuEq4S4VnLvCTz9C0YrwQiVLXVvXfo6j9Nf3D3x1I55z51fox_Uhb8RNQTI45v9hoR0kQp17Ebzvi7AkB6996Col-bAbE3CWtYHy1K1HGMS0gsuevz-IMrpkjf4eXMaoWBcx9qsm1LHOeDel_CHXL66zApJcM1cskG-vZpalNNMxGZmq4xLwhgf9aSjWIrAqjDiox-r5h0l827GvoVAMP4vyg7PZze1IRYg6OdAsei6qmgenPHJ2Am-Vbobea0A9RKVuoJ6zuDNH9ChuFNxyIIlkCXmUEms_fbKOAt_7BN-FMwDP0hrbIyrrA7CprS3iBwVIkWRY0tsZYeg3XO9M4khAkZ4bRdm2KoaUK_sU9FcmzU-sNjMET81PEFAQTBnvAvvhqTcVXOYAhM-Vx9qDbbUBp2r8xWKkGw0mtt68dKbkk-yAuV1pdMkllfp-HHgFMrIzi7Tm3Xk7RW5FeIVFO-fGpsYLt5rMl0szfPENrtByKpLxXfAzaldaU_jgAFKpWlP3Nb6GKAxNdgEdPMesOwO9yUvrMtSIbbeZN2N3ElYbLk6JrcrZDo41o0Zdz1UbV5VGnuB7yXg5vMvq3dxJiq6riNz3ZMtgTsd9vmNDPQ2k-Ia9xSvygcbODBNFvT2wN60oIZr5M2I7g-GswylXEBa8Al3Kc-10lX0s2gAf9crE5UXernYoubgpf4TRI3MijaEffeUI29mpYaZL4mGdzKgQO_SQTCm9YISnmqZb6cXS2SFRiMdxCVlyYmx9szhmaEcrfNQhKpq14TNIbR0pHr9eGlHLWE6CVbhjzDdlDsdoWI67uXblEoBNcKT5wrzQ3aODZO1Bvy7HANv1rH338lB2_OIH15WJSNlNHcS2TTKyt9va6CyC43Peq1VYfJ7pU7mPvVd4Gw-8cDwb0FydSHkUKypJuez45lWl1Iup8mh1bnFqd9j9s0R03hqiFVin1NaI8pgDP_QyHMzy-pN3kB6Q2iC9PcD0VYW15IwiEba8VbIrOJ5ouaIocYUlO-D0M6bjDNUyWmltngLtjf0Yryg6lcW-tdC2IVYonGAK_G4LkCK51i5zoZCaJiIW2Qah-nBKQokhsQV8F4uNX-ajcpTsFvZaewCspTQgLYQ2ZNJJKWqp1OowyQl7LmGHsldXI19opd6wpxcRaZWAefm-GWS7eNgj68yjk3-ad_HVfEmQnZ8z4TMEhFflHZhr6xYCdLw0atcqX_eti01hmNAV_eHffmeNtDmvGhbH4VoSNCUhMzGbMTzQSP-tIB4lkNiI5nxE65dmNK30cpiOVKw89ie1aEg_2wPzBWseObDZ5Dakwi2lh90B5fVnGXIltnBOhL6vIq0KglXKshJK4T0K3ErdTLQjYhO6Ggn-kMuZ6Auc4JW6qyAzSqkXs4TEtsBArnJADcZHtfPiVbost12mIaA6qUWTTsrs5FmanCzA46ySiv98YL2NRWhTid7-lNkzugoyJFLqBJxYZmm7d8ixc2uA0Q4vRBsLWEv31tSjLVbn4ccYRhOyu49BVMX-p2JVXuRpqQtv-obvCALiP9TuyCkWauONhmlkT_Eh-ncp8huqVxpCZ39380i_cJawXy_8zzmp9H-eTtzp8fdhO-e08l7M50H7oAnEitaYm3uVWbbWwVisUec1md9aJTdnl6NLlrEgEm3OEAp9nKeQtrXK9oKLgJoJ2FBln2Nwc0KttDT5EuMXICauHOw5za6A5LV4WbSj9njMzm0ciX8YYhDpm56R-PyRNMlqjHNH_94yo1uQcNGD_CPjUiaIZw8-FE6wAy9RACSp60nSyfxhaX1vAMk4Jf_qesXhw8RiTtDF8X9AQiX64D0rXwOCjclaStELbMVew1GkaQaswtuvGcb_EJvWe1M0jMhMXwE6aZ_gRCuLEHnLOomeohBiH-QEQ--Of7vI9QGggi9ySC1YkcXGQ29QASgPi6UokN0j9q8lLs-eSKLHO2h3zhIk6Z3_r3a5vb2Y5WRjFmvuJBtJ25SF19qFxQI8bP8Ul0j-Lqfuy1VbhIndwUfi7vHEqx5HcTLFq0z5D5McTQ2CCC0YVXNH_mfsvnvJFQ7yDPvTXCDHP2P49ghRmyvl8PVU6O94nEJv9kNdCuobd24aSwGtmjHqa3AXZ9K9l-1cXnRVj98Hrw10S1P0xL1hxqyLfFXPOe-k8iNyj-43fq8LH2RKyn71wjoy636MTqysGG3xp7cWXu58JZRfg-54Rexkxlo5S1ODGPUn1ha7RaQyzJumtt4enBrPgfmBIrlalGb39FXUeJr3e8y_7RvgdkNLKS-gPXhXgYI53lAjSi-D7aF0gUY9foHUv567Oovzk-WDyLcYWQocy-bAFV_S3CmH6PWzdoVuOV-EXnRiIO4RTT3zsHEPc5zwHtAcTcuzglVbpnnHx8kdHZrSBM_wN5w29RHtarQIbHIwCKCD6OHZHiwbHtc2G3SV_FrnSFeeHhefBaPVRaysbNjlWWqhRFVk6HNv44QtBIwmOk9L6D-XPgvVha2lQvCac1nm4Z5iSn1EuisNNqzNbu84TaU_Q6O_LCU-lLDxhW9nktjGP-yD1ggiaviQkJt2nzFosR3myqC8kFoBbZ3l0M6UMnmrq-h3Z7yIoPmd55MnVVGM4N5HKN3wAx27TKUYCfBz3bObZOmW3i2h34q9lLBC59j6FORpp3dw07LkAOxSzPf2bP3m3r96S4OtVvfBcZtEI9wUPXGYBrk2UgTGGldFt6bjEUjedr4r8lVKqqX4CXc9mAlZvxg9h_YXIHMGHWIw2sE4mjzgWur5F2z3NJGj2x1lclFRyr2xRdgaoILiBBqoKEKfChpAhPnll8pf1S-0oKVdbNtFdgKxRoFEY6Ia5X0_KIJGTU4pgSEo6T26LAia1Uk5pTnfsipm3jio2o7IG7RJasOUWBYODuxaBnZal88rz6UkBOo-Vx74FNd1icVcNWtNiYF9vKuUSWghbVSRUQJKd4YQw0gxKnsnLNwvIg8f-v-FLozK1aTmrxDVLBL6VwG5qLt3du0vqPi3YGpDfPOB2Fv3idzaNX6SAHLBcZQbjp6IxzrAHMfhxXJinWF2pZgXVxrut7qXPF7u_MR2x7SXTzpB9k9D9kt7_PBvNQaBy9RAdGVWUtmHc8cTYhxkoQWC2r-RGFPDP6E_bXysDsnVaDVAaU4XberU8UM1Y5HPjEYFIs-Q75kYMuEBIpqts5P4wRmDO5dSI2ySYAPpqHZnAPARZqBb3Gi5fSJAC6y0M6eQdchXzBZdO3mTY65XS1IXtXuoGvySGmbi9A7f07ZKUaVBopLAS494lI5JHCahv245CUgubQrrL2PQ73qVkbHHB1oNNgA229dSF36FCJorP6ZoLPY3etAP7i0mI7N6YTXCkAKYu3V50T9mciyzfYQJUT8igjoTeiTKYlWryQaWreDS8QMRa_hv9n5VWSQt78lbg87MWSZF7JFjLZz2uWU7wfX1ZgWLwqj-_vAKGYBbMNlv1gNDrrhijGcageXynkTPyGcHavdwNYdewmQOLWKCNe05yugQvCIhi4eMk-avhz1RizfDyCT1i_L2L9uXY1QzWhiBVNxjVN5-9FZkI8bBCZtidfUYO347OjLPGWmmga7M&cid=CAQSTgDICaaNlMYucfmDhEmQLRgkcAR8wJPcbYy-ti5381ty-BSUvhvZiVlmVx4KcEluvxkn5IVn0dt45eZuQtzwF9Pkc9ua97gHs6Bq9A5xSRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsum.in.ua%2F&ds=l&xdt=1&iif=1&cor=1594244370124556800&adk=1761367587&idt=140&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 04:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
59267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 04:49:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 89BC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
184348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
truncated
/ Frame 89BC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78c82385bf030ba44ff36ca2fe6d2f5784352c2a05f8b1fe716385f48ca278b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame EBBC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
64736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame EBBC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 10:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
39648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Nov 2024 10:16:48 GMT
index.html
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		98 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
518474de666afddd99e537fc9827213d94c98f7628a2d1d8abb0c1c47889b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
267456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22151
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 19:00:00 GMT
expires
Fri, 22 Nov 2024 19:00:00 GMT
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 89BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMFOJbQoEJq65IyGXO9QCpm9LEn6SzLbt0mGnPnvX-po7sIEedF2vf_8SDAQ3ugFyw7FnPpkuNTU6H521nwyKViVvCMtrxjWYWV8zrA_T7hBa6v5YPO4Hy9VY0uGjybK-sahUmzklgPX78Gya10idZaCioZH1mScFz3pepANjLsANDmtRfRgWQSspJU2UNpE9Mk7hNdenf63XsQNccYsLamJ5NwNySqD6znXYoNBPLY9_pnO00fw_Jb3mX7bdKhrkz2MEtJzh0ZNoIdwUIEuRnjhAP248FT6MUGEdeOIGpSOGtSstXSAOu64Sts32xv7NSjNIaSAfyAFY1SNb-2dVklFJIOwWPVwjAmpI_9dJIry845ksKl1GK95oVZWYCaMGgDjzXjvk73nlYCSqslkoeQE-S7mrdyYF1brWQdWAuiVV3edb_kLICJnp8WuOw4eY6abP4v0XVCCnxAtfqrXWdQ1KAIW9NtJfPclazfkRr17fVcyQ58SEmdgiOhJ3IfX4RIBgI5YletsGUslYA2J5dWyUWkOMM0H5_IlplIGCR4hBDiWwYvlxdKstA4ojN3-31FAAnahnsk21RqZYyqNtijrs1MXFIaNB6VQq0K1umo7IHYMf9Pdlo_thnn2P6LHvY-4IRoatrKWFyzjAum7ForohBJF3XyN4y9ZgXrqcyokBdopTnRRrC3imK83vy597crLQToYSdR7Z3omWvbmNisjvsODp2hcY8Cp1ph-N-xLhafPXFbSk6ksts3xvK2lb_7RyBU2wZl0_SDkIkXUek9sFWroAPhv6j_6gilIzl1QjVqUbiYU5HBdONvYroxcqqTB9Y5CmAzZe13Odml7bn9RQ-HM7ElW39AsjHUrl9CkQ_QnaL-55a1XhEl8q_P5UO1UGc8GwktA4Z7lS0X5I0-YHjtVb-fs8nLgMb8kmpAvaRtvTXSqNs2VJAGOV1YH3lL1vBJ2B-DGCP_wTHvfQmEEvepLedlMYH9g8aq24Ezjxioy8FvHTA6dUsX8FMESv6NJcXU1GKHHSXXmyrXytIqdrpAwQ5Hm06Dn-lFhipDj8M5wP4HaZNfIxXAYQw_9w-Y1AKoqUQ51H9vRT2HCA7JKgD9_Z3iIoHKkAuEf0AaDMycxy-tgPky3YB9WyQusQ9JiKq3KD7aM5GcibkUI7UVk3p7UvKArN9baAOwJHd6eQcwqtZOGWSRSbljM1_6n-bUu_UGeBvN6BEvRmg9HUneEXJejT-tnhdybHj6pOdoK61tMgSvitbM7z3UJ3Z9PYPRkOpNWH4gvebJtAstA&sai=AMfl-YT_ND6PcqtYbGVnvK6ln6JD6pU8BnzMSdcpQ4VeTWyMDpV1a7bfjUZgo3tFVyCeN2uJ5ch37kTeSoqQCqf6stbkBu_tSB5K-sW4sMb1HSP9mUVO9ml047npN9EY6B7jANKnDWcZFlMYcnMxUKiOWD5wmYYGOciE95jmAaoI8-wyHCdqLJmi8GGZf-q7k9um8LlU4koZqIwy-2R-LNvOpqBS44ZQ6j8MUKRyZ6FZeYFXLy4nLvsb1mV-4PDVjN7xEzkoStZZk5ehN1NNuP-eduJjS3z8H5a0zz_3S1JcqqWrqtyCmg52mbNMVTdeVRs&sig=Cg0ArKJSzIgHdciopCnVEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=188&cbvp=1&cstd=186&cisv=r20231109.06206&arae=0&ftch=1&adurl=
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 26 Nov 2023 21:17:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
93656
tags.bluekai.com/site/ Frame 89BC 		62 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D31025045&phint=crid%3D205278112&phint=pid%3D381581918
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.104.189 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-189.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 26 Nov 2023 21:17:36 GMT
content-length
62
bk-server
a175
content-type
image/gif
main.19.8.461.js
static.adsafeprotected.com/ Frame 89BC 		213 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.461.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1847127/76687242/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014950547&ias_pubId=pub-2843374221922515&ias_chanId=1&ias_placementId=20792064609&bidurl=http://sum.in.ua/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iByWiD-31wky4dbDU_mwer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:25:14 GMT
x-amz-version-id
SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding
gzip
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
388343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 22 Nov 2023 09:25:12 GMT
server
AmazonS3
etag
W/"315b08a0e21410ecc940dd381f9a8dd0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2glQ33WVv959wSBndKbUI_Gt0PMT0l6vDnDyAVgWNbrC6VUmMz2aaQ==
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame C5B0 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Nov 2023 17:05:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 89BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMFOJbQoEJq65IyGXO9QCpm9LEn6SzLbt0mGnPnvX-po7sIEedF2vf_8SDAQ3ugFyw7FnPpkuNTU6H521nwyKViVvCMtrxjWYWV8zrA_T7hBa6v5YPO4Hy9VY0uGjybK-sahUmzklgPX78Gya10idZaCioZH1mScFz3pepANjLsANDmtRfRgWQSspJU2UNpE9Mk7hNdenf63XsQNccYsLamJ5NwNySqD6znXYoNBPLY9_pnO00fw_Jb3mX7bdKhrkz2MEtJzh0ZNoIdwUIEuRnjhAP248FT6MUGEdeOIGpSOGtSstXSAOu64Sts32xv7NSjNIaSAfyAFY1SNb-2dVklFJIOwWPVwjAmpI_9dJIry845ksKl1GK95oVZWYCaMGgDjzXjvk73nlYCSqslkoeQE-S7mrdyYF1brWQdWAuiVV3edb_kLICJnp8WuOw4eY6abP4v0XVCCnxAtfqrXWdQ1KAIW9NtJfPclazfkRr17fVcyQ58SEmdgiOhJ3IfX4RIBgI5YletsGUslYA2J5dWyUWkOMM0H5_IlplIGCR4hBDiWwYvlxdKstA4ojN3-31FAAnahnsk21RqZYyqNtijrs1MXFIaNB6VQq0K1umo7IHYMf9Pdlo_thnn2P6LHvY-4IRoatrKWFyzjAum7ForohBJF3XyN4y9ZgXrqcyokBdopTnRRrC3imK83vy597crLQToYSdR7Z3omWvbmNisjvsODp2hcY8Cp1ph-N-xLhafPXFbSk6ksts3xvK2lb_7RyBU2wZl0_SDkIkXUek9sFWroAPhv6j_6gilIzl1QjVqUbiYU5HBdONvYroxcqqTB9Y5CmAzZe13Odml7bn9RQ-HM7ElW39AsjHUrl9CkQ_QnaL-55a1XhEl8q_P5UO1UGc8GwktA4Z7lS0X5I0-YHjtVb-fs8nLgMb8kmpAvaRtvTXSqNs2VJAGOV1YH3lL1vBJ2B-DGCP_wTHvfQmEEvepLedlMYH9g8aq24Ezjxioy8FvHTA6dUsX8FMESv6NJcXU1GKHHSXXmyrXytIqdrpAwQ5Hm06Dn-lFhipDj8M5wP4HaZNfIxXAYQw_9w-Y1AKoqUQ51H9vRT2HCA7JKgD9_Z3iIoHKkAuEf0AaDMycxy-tgPky3YB9WyQusQ9JiKq3KD7aM5GcibkUI7UVk3p7UvKArN9baAOwJHd6eQcwqtZOGWSRSbljM1_6n-bUu_UGeBvN6BEvRmg9HUneEXJejT-tnhdybHj6pOdoK61tMgSvitbM7z3UJ3Z9PYPRkOpNWH4gvebJtAstA&sai=AMfl-YT_ND6PcqtYbGVnvK6ln6JD6pU8BnzMSdcpQ4VeTWyMDpV1a7bfjUZgo3tFVyCeN2uJ5ch37kTeSoqQCqf6stbkBu_tSB5K-sW4sMb1HSP9mUVO9ml047npN9EY6B7jANKnDWcZFlMYcnMxUKiOWD5wmYYGOciE95jmAaoI8-wyHCdqLJmi8GGZf-q7k9um8LlU4koZqIwy-2R-LNvOpqBS44ZQ6j8MUKRyZ6FZeYFXLy4nLvsb1mV-4PDVjN7xEzkoStZZk5ehN1NNuP-eduJjS3z8H5a0zz_3S1JcqqWrqtyCmg52mbNMVTdeVRs&sig=Cg0ArKJSzIgHdciopCnVEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=286&vt=11&dtpt=98&dett=3&cstd=186&cisv=r20231109.06206&arae=0&ftch=1&adurl=
Requested by
Host: sum.in.ua
URL: http://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBBC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgMaC8LVjZfTMB6_H1PIP6b6wgAMAAAAAOAHgBAI&bg=!jI-lj8DNAAZxrfrxUa07ADQBe5WfOP69I4FPlmyFzyPi0pXb39O5qui0sqNb4mpPNsz6roRSM3Qcl4ax20HADpO3XuXcAgAAAEtSAAAAAmgBBwoAF-1q2qkRbwjt878mcgr8XLbDtGadSZGqmQMBAHlGqQPJSkTxl_XrX_GmV32UVfYBPeMFqKlPI2s8BhoBQKrmTeZ6JaC_SF5u78g5iOO28drFdT9dyjm5s6tVbledEuvXfTBpxz35ZDYO28lZEVwLPvNzCQEeEyRp7Kh_dZOxPEU8tZAtSIm7EUqWpl_fw0tfGns41Bmnhj-fziGafPKQlnTS5lnq0uZCGsA88Ba4WaYVBtwIIRW5zMAt0cZC7Ph9OQSNjnJNiykd_uN7-JJzpQV-YUBI39MAQZz0BGaTBevDRhtWjx_TWj4N8l7afyFzPggUP0AXAhP6T-_RJVz_BTmzc1iWHyZeOVsMkBKWFqW9Fyw0Z6CtZr9PpfSXRQiCGrVQt-1x7nGou1hzzXnOmijNaFB_HgG0Eh6rPxBXrjDs3x5IQJy3N0cXq9ZdLnm6VSzzAZ0-HrhwaqEWAOurZrgDDNWUZ60ESMiRcyuc00M7hbJiw7ZuhnkmAmkUpMUWJ2CxMFCOm0gDeJHocQo9BXGipNItn0mGv63rOhd7qtF2rQaKDRrEod3bFrdRYheO_jQouNMYfdlxPMqszkT76t97YYtScFLdjzzbIbkzBshWc7Sdq45JbTPltrzxCb_lTvYeSkEk7hSfCkp6L6lAOyMBf_0m6Aa9wLFp3edGBUCn6onywtyI4-V7x2tDU-HKrlFpum8L5QBujQqb1YDgaFBuecz7QJ5ffH1soDL0yYbZ1Qt_OZaA_MLM5nBICNfjcasAcYJk_TM_8dFuEhAQUxyeqLlMFeUYiN248jg3YhCZgXF1xDC6hcl-IXMnY2OlQUNq2gNw-Y6aWEgtzoi9BzYKvFZ2qnbg_xDzKWbkV1K7xMWaIkZPshxpOnErWoulBeWfBVvPzGWgLxS7rjattmwWVu5xl6HxBA8IkiyvqNYKpJoCYczBV6ZADufHtOqLMIi0zT1laazR0N1pF0DDE5N6kAX3CQ8F0oeVcGtlCSBlh1kbgI_05K4oFpUBs4FK4I_DyfTAd7bRyclpLYqiymuoB8ZLs6e4fnYNjA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MM_logo.png
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/MM_logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9b536bdfc1998b232549f0f7ba116e687a4a681bab6e5f4272571f92a7b1ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 11:28:38 GMT
x-content-type-options
nosniff
age
35338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1845
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Nov 2024 11:28:38 GMT
SA_logo.png
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/SA_logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51336bba98355b76e928a833e63ad831dbdb88aafc815c2a43e97b432f38a044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 19:00:01 GMT
x-content-type-options
nosniff
age
267455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1448
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 19:00:01 GMT
Prod1.png
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/Prod1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adf13581b0a199e0031c03fc1ed148717bcb2f3959336d742b5785d3342b155a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 19:00:01 GMT
x-content-type-options
nosniff
age
267455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5853
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 19:00:01 GMT
Preis1.png
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/Preis1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92edad17d79a5e2a09071e36fbe91bd30f3260be895133ce0c482c242c8f496c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 19:00:01 GMT
x-content-type-options
nosniff
age
267455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2999
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 19:00:01 GMT
Visual2.png
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/Visual2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c2924aafdc1752840bc638eb372363fa8f55d13c517f85421768287ac6dc33e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 19:00:01 GMT
x-content-type-options
nosniff
age
267455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5528
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 19:00:01 GMT
Visual1.png
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/Visual1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51b8b5b178a7e6af1d3391a4ca2ce988f5ffae0c864f77995565d32c6431b57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 19:00:01 GMT
x-content-type-options
nosniff
age
267455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3167
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 19:00:01 GMT
Visual.png
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/Visual.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c2924aafdc1752840bc638eb372363fa8f55d13c517f85421768287ac6dc33e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 19:00:01 GMT
x-content-type-options
nosniff
age
267455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5528
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 19:00:01 GMT
BG.jpg
s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/ Frame C5B0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/BG.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e86d5cd8433d7a2a4bac62f7e50a63be3a72c3f0105ac895b59eec9d05186dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12317998983870913507/728x90/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 19:00:01 GMT
x-content-type-options
nosniff
age
267455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6108
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 07:55:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 19:00:01 GMT
skeleton.js
static.adsafeprotected.com/ Frame 89BC
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1847127/76687242/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014950547&ias_pubId=pub-2843374221922515&ias_chanId=1&ias_placementId=20792064609&bi...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
17 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Server
2600:9000:2127:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5248578
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
VjECfWRD9lfF1QFg4rik_Wjhr0IJHhDW66xOgOQEGC0taO5TfWJZAw==

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
nginx
x-server-name
app23.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 267B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5778506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
rQkDPQtQbSeNinJC08OkIXKXxK7ScFCO2mJOnKJ_4w8Yu5YHGSPcQA==
dt
dt.adsafeprotected.com/ Frame 89BC 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1847127&asId=a81678f9-5f3c-28c5-95f4-b4cbd844b97a&tv=%7Bc:v79FuI,pingTime:-3,time:168,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:149%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:168,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWKL1UU+11%7C12%7C131%7C14%7C151*.1847127-76687242%7C1511%7C1512%7C1513,idMap:151*,rmeas:1,rend:0,renddet:na,siq:151%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1fc3:ac55:be2f:e60d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 89BC 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1847127&asId=a81678f9-5f3c-28c5-95f4-b4cbd844b97a&tv=%7Bc:v79FuJ,pingTime:-6,time:169,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:169,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWKL1UU+11%7C12%7C131%7C14%7C151*.1847127-76687242%7C1511%7C1512%7C1513,idMap:151*,rmeas:1,rend:0,renddet:na,siq:151%7D&tpiLookup=ao:sum.in.ua%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1fc3:ac55:be2f:e60d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 89BC 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1847127&asId=a81678f9-5f3c-28c5-95f4-b4cbd844b97a&tv=%7Bc:v79FuP,pingTime:-2,time:175,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:500,beZ:500,mfA:635,cmA:636,inA:636,inZ:641,prA:641,prZ:644,si:649,poA:650,poZ:663,cmZ:663,mfZ:663,loA:668,loZ:670,ltA:674,ltZ:674,mdA:501,mdZ:625%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:149%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:175,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWKL1UU+11%7C12%7C131%7C14%7C151*.1847127-76687242%7C1511%7C1512%7C1513,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:151,sinceFw:24,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1fc3:ac55:be2f:e60d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:36 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 89BC 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1847127&asId=a81678f9-5f3c-28c5-95f4-b4cbd844b97a&tv=%7Bc:v79FAl,pingTime:-10,time:517,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1701033456953%7C%7C8581bf3e0aaba96ce9983828a7296cfa%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cc74cf5739023d6adcbe156bc04bc6b1e%7C%7Ce6336540972c4d024c608224314ece83%7C%7C32635630fb148197ab7bbac79f507d48%7C%7Cf49d771d4ebd88a4285c134b219c15db%7C%7C2ba2d3b8fd6c203168105452acb7d375%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1fc3:ac55:be2f:e60d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:37 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 85AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsglGKD_-YNv8XinjRcigGGKLUiVvGMBIIs0T7QquCzOnQhbgW4HdbZYxx7jq6Lzy73I8bQ282H-_X5tPDNiuJNgQEKBqUVafJQtYo0PUAefC-yaYsFkATdjy2p09Gow8xlkEmacLSVw3u_7873lGKAlqtNJWgSQRNKVcwQz5laRfGU7r-9PBSbR_fM2QoUU2hCup2tpDgkIABtcge6a1AlRKoqfS5qd1GhPVgQEiAaYY-wph05vgZSCGvM6ZqXsdB4t43qi41DNL-7KTSow6do8Sjkx-9KtYJqA5R5IjUPZveOASy5fV2hplVdk70qmoznXrEOx7ESb0TV_UwrquQNwNdxXvsMZZive9DIoXE6-vBqUSMxWggiyiJwpzM56YjDPeIZiyuj2zxKMx0_vofCuuF_mnZZqG4y6xN2Sg3UWvrmGVJw1aJFIpOGBF6LZTaEqnWayXxamnk5kIk9R67owvdRuSILTZWw27SxOUcniBA8krDnQ3DtOPNRbvevrZWcv2_WorzWX0Crhb2ta6qtGhQpyz_-HGMUxq3Am06zKfPiVFmjp_zltGDBxrETmbJzLv5R7c5pTCM3RSe5fPvNyXtFPhCyKCP2UGT1t48pxVX1e2vpzZHBGFjWlVq9CJetrPz8wyFPQfNys1BrjS_XFlwimpx3XMSu9l-s9F9RmAWm2OyFUFZ8nCvPvh11uUSrry52y7QUd2JvO6Od-JZA_pmVrnAiA97OZV-ITYX-VaZ05knt5t_RB12U9SO74UM4-YmSfw7yteFqFptoNLP6QWkJWMwGd_-V-aeWEpoC_RqB7OJ0cgVU07phfPaaqFD4qjtIUb_rysFhRh7rqG-t2VbrAUYPj3jgsw39gjDjVr9JtDAKbb3oTdfE3HfeMxR8Ll48sUzoAv4D3458f6Ozbou246X3LP_cV7KYYFHuf21F4slT-dVSjHm6jxpTVahfdycFehvkGuIVZO2rKYKg4sW4vjANjvfIe4XpjkEikQQtmhMxbVj3I-8YWGnyh290JCNB3LH17TTHVNSXDogR-1aIenJDKS6Nn1fZF1XxaRt6dl0HY6Bz888N55WLe-ANAoTTnJ75Oxk6QO7f0I-NDc14WkOYAntScrQrkIWiRi8AHs2kyabPRw3Y5bmIeU_KqvXpOUddQX7a7hz-a-4iEvaOygkpwXKFSH3qz-9ssUrsPenZRxRQgb5x8JeKCNgYFFvv53CEeNqpw933eW83Ip6asXeR5E7bDR9gAGuU8NoAzK1ZjRpkhqFrDtPgGFA-bp1jy_017vMm-zlhmRIi15E1BUR6VEG_X17MZhpqLNADzEcTQfUZxrz2JX8&sai=AMfl-YR0-tI4eV_t-aG_Xnh-iHh8-cQxB26qZcJK2NMv_vrxOy7FZYsb70Vm_x6ifUX8trCVGsoezDRc78FAxZ10NW824fOkZsgUbvSnxvt7rY7YYQ5MXOhkVNO0zGHuJIfsGQlFtR6RvbP7R7OkvXwiLZS7HWpYDelAi2B2Z6c&sig=Cg0ArKJSzO0jJiNxBlBYEAE&cid=CAQSTwDICaaNa7qUFyiIvEIuKJRG1Jlxp7IVmP5LwJ64GFZ7JRt63yS_gXTttiwqBRfkSkwrIzAH4Wv8b3SAbpgy2Kp4WnrdG5Kh6B58YKpYNHAYAQ&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2662933849&rs=2&la=0&cr=0&vs=4&r=v&rst=1701033455037&rpt=964&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91018c24a714e75bfd4b739239140b8143e94aa834b00af312677db2d834815e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12316
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 89BC 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1847127&asId=a81678f9-5f3c-28c5-95f4-b4cbd844b97a&tv=%7Bc:v79FCF,time:661,type:e,im:%7Bpci:%7Btdr:483%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:661,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B523~0%5D,as:%5B523~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:108,fm:tWKL1UU+11%7C12%7C131%7C14%7C151*.1847127-76687242%7C1511%7C1512%7C1513,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:151,sis:226%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1fc3:ac55:be2f:e60d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:37 GMT
server
nginx
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 21:17:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE4F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 19:48:52 GMT
expires
Mon, 25 Nov 2024 19:48:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1A48 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11a95ba01a12437498903130f724a5fac2487dcc9fd43b797c1c9bac9bdf54af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w64vhAB3vcknkcFl1mD-bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-w64vhAB3vcknkcFl1mD-bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 21:17:37 GMT
expires
Sun, 26 Nov 2023 21:17:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame CE4F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 10:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
39649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Nov 2024 10:16:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 89BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuetauBSfKVwFuTyb6AlkURromZ5JLjKaem9MFK3oH66JR9v31mLDkyCyWGTinm_o8h3JyVEcUlMRY3ToLtyKW_gYB5ybibYf_rxXoskHcxXhPSeqcBRIYws5Dx0112Yo7GA3OIOyLR46dt&sai=AMfl-YSDi-QKGOt32i_hKi7KGHUyAiCxI8VV5tB1-bP42ZtrSoFA90xwolqh-6R-zYy7yF72-2IIxSs1uUe6oAlpczImJffbTtWg-15VmB0KW0swkEL3ify1VEbY1kFrfYy6TcEpSZtd4UKuH4HuY1rW&sig=Cg0ArKJSzM2brLJeNyhlEAE&cid=CAQSTgDICaaNlMYucfmDhEmQLRgkcAR8wJPcbYy-ti5381ty-BSUvhvZiVlmVx4KcEluvxkn5IVn0dt45eZuQtzwF9Pkc9ua97gHs6Bq9A5xSRgB&id=lidar2&mcvt=1014&p=0,0,90,728&mtos=343,839,1014,1015,1015&tos=343,496,175,1,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1701033455937&rpt=304&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1A48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4254141193312054&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CE4F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jyRkjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 21:17:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=4254141193312054&bg=!SEulSwTNAAZxrfrxUa07ADQBe5WfOKCpKbYRXwaBQf-h1aLARodufHhAZe_DJ0Aui7QpylkFQIf_CVauCWTwCxYaDg8kAgAAAE5SAAAAA2gBBwoAf9ioXUapZhtidkKHaSUOADVh-3-8A2xEuqi9zazL6JLTQ-NirIlLtebKHOMaRemz8dYBgHh9WkZF9P7jT6Y5hWpAZ0zULRSg5LcGyCDEUMreghl-u9FPnyijNiPk5yTLQm_RPqS_EsqLxVgD7XuSGIkNlGwn5-DA_ItAl-bYBOiZAr7jqKSE-722vYn9WkCDWju1EmhzL4Ig65HlaOir2z0JVB27NdsZaHXwSk1cKEknxHS0YONGtPm7nSOuhBmtmZfBUKB6WwbY_II-2l3_0_iPKr8aj53Suoh7IzSVon6DxGYofTVo0XwNs8lAq44Y74fPo6LN0oHbuKFJVjVgWw2SxPxlmvE8etBQIy-X9u4YBpF6Uc_9y9ARtEoKwCCauYCZF_4ErJ79WjuqWkmm1qB1cLPw1n08kuC1DH63GfjzSbi-wqIN4n1TV2zpUQjMbtI6rp55H_h1xNnvjT0o3TKDEQ9ZJF5okb445wZGQ95Pz2s-2VAU7aIEGjSdlOhmxMO4NGGC4HuGI1HaqH548Vx1SWjrPER_NCrRQlC7emxpszUqMO56IZOyneMSOnWUCugYE4ZTW2DbaIahcOcER-o7Lym4rV2AIusNpTbL6bOWFEQy1fvicQSfMLZNb9KdCh_j8XV5E5COBWLSmfiejDQEz-DlqWc5DbSftP62Txzpmjf87BCCWh2uc9OOj2QbRfyjScfJKB8UJQ27OYHv7miNTh3EQxg66SivBYl5GkTNM9Gtt21Ui08djmO-Wbb9EPgBw0vrU05sEhuJklt4K279q19zjkIOHZf6QoPEXdIwLb0hAtA-K6WSPhqY21Hc3Z8f7k5i_e9fqYTOj5uHY2kc9ZEeC2jwuJ-wMTkmaZNef3NzuyAEZgtQjEZ86VTYLKAbavgN43WTqpXE1LmkZnJNsrWVN6R7aeOHjEq3yMVWG8FoWVpZ3CY1Zlu2K95gUAEJp6zeiLXa9_HLNJGFJ45aLjkxQDLhsPhjAU3MkSuDlIl0TTyPJEeDu5QS59J8jkng-tzbl1f6Qbranjxt6oGXu55skSsX-6k3o4GU8y3_43ZcotZtPhq_OoKK4MEe4QV18oa62_9bJQ01Xl3zJqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 89BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1035194463203&version=m202309260101&ct=76&x=1&cor=1594244370124556800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 21:17:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 89BC 		0
0
dt
dt.adsafeprotected.com/ Frame 89BC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1847127&asId=a81678f9-5f3c-28c5-95f4-b4cbd844b97a&tv=%7Bc:v79G6n,pingTime:1,time:2503,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:149%7D,%7Bpiv:100,vs:i,r:,t:1502%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1502,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1364~0,0~100%5D,as:%5B1364~728.90%5D%7D%7D,%7Bsl:i,t:1502,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tWKL1UU+11%7C12%7C131%7C14%7C151*.1847127-76687242%7C1511%7C1512%7C1513,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:151,sis:226%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1847127&asId=a81678f9-5f3c-28c5-95f4-b4cbd844b97a&tv=%7Bc:v79G6n,pingTime:1,time:2503,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:149%7D,%7Bpiv:100,vs:i,r:,t:1502%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1502,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1364~0,0~100%5D,as:%5B1364~728.90%5D%7D%7D,%7Bsl:i,t:1502,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tWKL1UU+11%7C12%7C131%7C14%7C151*.1847127-76687242%7C1511%7C1512%7C1513,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:151,sis:226%7D&br=c

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| $pick function| $try function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type function| Hash function| Native function| $A function| $arguments function| $chk function| $clear function| $defined function| $each function| $empty function| $extend function| $H function| $merge function| $lambda function| $mixin function| $random function| $splat function| $time function| $type function| $unlink object| Browser function| $constructor function| $family function| $exec function| DOMEvent function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow object| Selectors function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx function| Swiff object| tips object| cache object| src number| cho string| lword string| basew string| bases number| hidden string| lSel number| mXd number| mYd number| mXu number| mYu number| fed function| getLoc function| sugClick function| showMenu function| request function| getSel function| comment function| showErrorDiv function| hideErrorDiv function| toggleErrorDiv object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| asptt object| asro object| asiscm object| seiel object| asla object| asaa object| sedf object| sefa object| sugawps object| ascmds object| slcwct object| sacwct object| slmct object| samct object| google_shadow_mode object| google_privacy_treatments object| google_xz object| adsbygoogle string| iS object| iD string| iT string| iH number| iI object| Cd string| Cr string| Cp object| FB object| __buffer object| hitua string| x object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

18 Cookies

Domain/Path Name / Value
.sum.in.ua/ Name: kohana
Value: nttea1hkm7b3jo3skqqr5da2k3
sum.in.ua/ Name: b
Value: b
.i.ua/ Name: __cf_bm
Value: 2Y7bdC0I6HtamyDkGs4MqjTlLPDtDcFFu0XmqMfFhO0-1701033454-0-AaZgM9Y5lDsOKc/fAxJfh27ER7LHpGriJ5yHlJStwPMXB3vZ9mxtYoi5r0DM72Ar2Rf3hJtP0NuoVAK3JHN2P84=
.yadro.ru/ Name: FTID
Value: 1bOxNk3FQbuh1bOxNk003AWL
.yadro.ru/ Name: VID
Value: 3ptvdE2DjXeh1bOxNk003AWq
.sum.in.ua/ Name: __gads
Value: ID=f509dfe6c92491cd:T=1701033455:RT=1701033455:S=ALNI_MbCzwDPJQMwp36EOCxe_b9mlPtPeg
.sum.in.ua/ Name: __gpi
Value: UID=00000ce0f5e562c1:T=1701033455:RT=1701033455:S=ALNI_MYLCsPhMqYAkUs4VTSBhHmwfT1rXw
.doubleclick.net/ Name: IDE
Value: AHWqTUnFAQj5yxwdm3IP_v6AbVecgC1lSMTD36Lqyb_I4lRboSYowjVcZAD_JOzabEE
.casalemedia.com/ Name: CMID
Value: ZWO18NCf-BYqChN2xRgHdwAA
.casalemedia.com/ Name: CMPS
Value: 5134
.casalemedia.com/ Name: CMPRO
Value: 5134
.adnxs.com/ Name: uuid2
Value: 3685598765756514678
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In1vZ8oO!]tbPl1M>e)ZlrFUfJ+tGXxpGGSkz=HN9WWN!qCoG0iq>Zjb2(Na`(rMF5%L*bpRz*qF1`*b`ho*@LSZ
.doubleclick.net/ Name: APC
Value: AfxxVi6cpDeJoA6mRAaVgPlTbSIEKrYC-YbiDY5z0UcYX2er_Il8OA
.googleadservices.com/ Name: ar_debug
Value: 1
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJy20AWvQY9xxBcENnRjqDyU63SnH9ABoWQB7EXhS4A44fCjyrY6/Em4caAX2w7QJeTX/DZ7aTb80zofSD1SyPspgPGHHEeIKaPPxs30ivohdkbnjBsC4xaQYiEA
.bluekai.com/ Name: bku
Value: ts6O9wYNRtUyBUGf

2 Console Messages

Source Level URL
Text
javascript warning URL: http://sum.in.ua/(Line 124)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.7111761406494865&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://sum.in.ua/(Line 124)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.7111761406494865&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.hit.ua
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.i.ua
ib.adnxs.com
pagead2.googlesyndication.com
r.i.ua
s0.2mdn.net
static.adsafeprotected.com
sum.in.ua
tags.bluekai.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
dt.adsafeprotected.com
104.18.2.81
104.18.3.81
142.250.181.226
142.250.185.226
142.250.186.34
172.64.151.101
185.89.210.141
195.242.161.64
2.19.104.189
2600:1f18:1aca:4280:1fc3:ac55:be2f:e60d
2600:9000:2127:8400:8:48e:53c0:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:830::2006
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.51.122.229
88.212.202.52
89.184.81.35
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
1053b4473d172c78b86099204d5d84224b18d62a51e6053cb7de4bac3011bfac
11a95ba01a12437498903130f724a5fac2487dcc9fd43b797c1c9bac9bdf54af
1261c0fa429b4e5a704c80bf7c3591845140d159f39347065ead46ed7344049e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
2d04d2a3ff21de50836e82981d6426f8027b7e9ac8b3eea527b018adc45a264c
2e79ed79e21183e6a86df2f87e07d2db25e46d55ec262f9820eb3546262540f0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
333b1b09a5abc768e2ec75d0a5ea91c4d02fd06c1f2460a52ffe335f83b1c20c
35e8bde350a7c1ec65ceff0350205c46a0f8fd5b342f47e185aee509a55d6731
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c2924aafdc1752840bc638eb372363fa8f55d13c517f85421768287ac6dc33e
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e0e977a94fe530537e3b6c79c8341f53530640ea14467c936c77342f97cec17
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
447070c93425ac71ab73129ec57e0293904deb6fab9d7798c64b99fd0369040c
44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e86d5cd8433d7a2a4bac62f7e50a63be3a72c3f0105ac895b59eec9d05186dd
51336bba98355b76e928a833e63ad831dbdb88aafc815c2a43e97b432f38a044
518474de666afddd99e537fc9827213d94c98f7628a2d1d8abb0c1c47889b463
51b8b5b178a7e6af1d3391a4ca2ce988f5ffae0c864f77995565d32c6431b57e
52fc141c457e0bd84d732f4504bdab186f540c31aaf3932561e8d8868ca8a908
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974
78c82385bf030ba44ff36ca2fe6d2f5784352c2a05f8b1fe716385f48ca278b5
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
91018c24a714e75bfd4b739239140b8143e94aa834b00af312677db2d834815e
92edad17d79a5e2a09071e36fbe91bd30f3260be895133ce0c482c242c8f496c
9e158d60481a687528c58d02966c05085c1ff8bbb5b8ac92998008af4a5c5eb7
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
adf13581b0a199e0031c03fc1ed148717bcb2f3959336d742b5785d3342b155a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca
bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bfc4d76f9d3436a0abea96c8c4fa785067adc942c48447866fb35ffc81aa26f5
c0b384e1e288d10e61d9d7f91453bc1390278b3bba294b15971fe70365f0b7da
c83944a9ee6a3b44ace5271eacba04b79ce71fb974d8724f8be9c418a9db662b
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d9b536bdfc1998b232549f0f7ba116e687a4a681bab6e5f4272571f92a7b1ffb
de2249dcd9be31eef43aeb0c2587d8933d759df934ed647ec6b1a9e640bd913d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f38935d5dd5e37a609a7da8bc092f805c0032daf39d51e5b1a2f2640eb0228
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c