www.gismeteo.ua Open in urlscan Pro
193.16.47.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gismeteo.ua/
Effective URL:
https://www.gismeteo.ua/
Submission: On June 11 via api (June 11th 2022, 2:01:45 am UTC) from GB — Scanned from GB

Summary HTTP 199 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 69 IPs in 14 countries across 51 domains to perform 199 HTTP transactions. The main IP is 193.16.47.244, located in Krakow, Poland and belongs to WNET, US. The main domain is www.gismeteo.ua. The Cisco Umbrella rank of the primary domain is 207251.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 4th 2022. Valid for: a year.

This is the only time www.gismeteo.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.16.47.245 193.16.47.245	1820 (WNET) (WNET)
10	193.16.47.244 193.16.47.244	1820 (WNET) (WNET)
17	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 5	79.137.68.143 79.137.68.143	16276 (OVH) (OVH)
3	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	108.156.255.76 108.156.255.76	16509 (AMAZON-02) (AMAZON-02)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::ac43:44a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
3	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	209.205.201.34 209.205.201.34	55081 (24SHELLS) (24SHELLS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 6	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
6	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
3	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	18.185.225.109 18.185.225.109	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	185.170.63.77 185.170.63.77	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 10	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
5	193.108.153.28 193.108.153.28	34164 (AKAMAI-LON) (AKAMAI-LON)
1	3.122.149.33 3.122.149.33	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1 1	23.88.75.189 23.88.75.189	24940 (HETZNER-AS) (HETZNER-AS)
4	23.227.139.243 23.227.139.243	() ()
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	209.205.206.178 209.205.206.178	55081 (24SHELLS) (24SHELLS)
4	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	35.156.193.10 35.156.193.10	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	148.251.4.142 148.251.4.142	24940 (HETZNER-AS) (HETZNER-AS)
2 2	194.190.76.38 194.190.76.38	48061 (UMA-TECH-AS) (UMA-TECH-AS)
5 5	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	151.236.118.210 151.236.118.210	204720 (CDNETWORKS) (CDNETWORKS)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:b5e2:da8a:f496:918a	16509 (AMAZON-02) (AMAZON-02)
2 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2 3	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.210.200.111 52.210.200.111	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1 2	52.45.92.187 52.45.92.187	14618 (AMAZON-AES) (AMAZON-AES)
1 1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
3	2600:9000:215... 2600:9000:2156:f400:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1	31.172.81.158 31.172.81.158	() ()
1 6	3.66.201.109 3.66.201.109	16509 (AMAZON-02) (AMAZON-02)
1 1	194.213.62.37 194.213.62.37	() ()
1 1	23.75.240.210 23.75.240.210	() ()
199	69

1 193.16.47.245 (Krakow, Poland) 1 redirects

ASN1820 (WNET, US)

gismeteo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 193.16.47.244 (Krakow, Poland)

ASN1820 (WNET, US)

www.gismeteo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.gismeteo.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rss-images.gismeteo.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 79.137.68.143 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ltx2.host.hit.gemius.pl

galt.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.156.255.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-76.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44a2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.205.201.34 (Piscataway, United States)

ASN55081 (24SHELLS, US)
PTR: static-34-201-205-209.24shells.net

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.196.115 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.gismeteo.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.225.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-225-109.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.63.77 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a4485.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.35.236.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.108.153.28 (Frankfurt am Main, Germany)

ASN34164 (AKAMAI-LON, NL)
PTR: a193-108-153-28.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.149.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-149-33.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.189 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.227.139.243 (None, )

ASN- ()

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.205.206.178 (Piscataway, United States)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.193.10 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-193-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.4.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.4.251.148.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.38 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.matchtv.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.172 (Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:b5e2:da8a:f496:918a (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.91 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.200.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-200-111.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.92.187 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-92-187.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:f400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.158 (None, )

ASN- ()

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.66.201.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-201-109.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.213.62.37 (None, ) 1 redirects

ASN- ()

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 146	164 KB
18	gismeteo.st static.gismeteo.st — Cisco Umbrella Rank: 159924 rss-images.gismeteo.st — Cisco Umbrella Rank: 167029	87 KB
17	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 104 googleads.g.doubleclick.net — Cisco Umbrella Rank: 48 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	170 KB
16	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 494 eus.rubiconproject.com — Cisco Umbrella Rank: 559 token.rubiconproject.com — Cisco Umbrella Rank: 678 pixel.rubiconproject.com — Cisco Umbrella Rank: 321 secure-assets.rubiconproject.com pixel-eu.rubiconproject.com Failed	26 KB
12	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1235 s.amazon-adsystem.com — Cisco Umbrella Rank: 279	48 KB
11	adform.net 1 redirects adx.adform.net — Cisco Umbrella Rank: 4115 track.adform.net — Cisco Umbrella Rank: 3911 s1.adform.net — Cisco Umbrella Rank: 8232 c1.adform.net — Cisco Umbrella Rank: 572 cm.adform.net — Cisco Umbrella Rank: 1803	151 KB
11	gismeteo.ua 1 redirects gismeteo.ua — Cisco Umbrella Rank: 201364 www.gismeteo.ua — Cisco Umbrella Rank: 207251	119 KB
10	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 506 a4485.casalemedia.com — Cisco Umbrella Rank: 334366 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 564 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 539 ssum.casalemedia.com	15 KB
9	adscale.de 1 redirects js.adscale.de — Cisco Umbrella Rank: 7270 ih.adscale.de — Cisco Umbrella Rank: 3998	13 KB
9	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1023 secure-ds.serving-sys.com — Cisco Umbrella Rank: 1665 lm.serving-sys.com — Cisco Umbrella Rank: 1719	103 KB
9	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 47872 inv-nets.admixer.net — Cisco Umbrella Rank: 2400	141 KB
8	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 231 acdn.adnxs.com — Cisco Umbrella Rank: 576 secure.adnxs.com — Cisco Umbrella Rank: 399	36 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 381 mug.criteo.com — Cisco Umbrella Rank: 2914 bidder.criteo.com — Cisco Umbrella Rank: 728	9 KB
7	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2075 cache.betweendigital.com — Cisco Umbrella Rank: 20530	5 KB
6	gemius.pl 1 redirects galt.hit.gemius.pl — Cisco Umbrella Rank: 135751 ls.hit.gemius.pl — Cisco Umbrella Rank: 12379	32 KB
5	bumlam.com 5 redirects sync.bumlam.com — Cisco Umbrella Rank: 2668	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 286	3 KB
3	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 480 ads.yahoo.com — Cisco Umbrella Rank: 1078	2 KB
3	adtarget.com.tr s.console.adtarget.com.tr — Cisco Umbrella Rank: 4095 sync.console.adtarget.com.tr	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 82 www.google.com — Cisco Umbrella Rank: 4	2 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1342	1011 B
3	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6467 sync.adtelligent.com	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47	20 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 172	113 KB
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 14611	1 KB
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 3823	563 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 361	529 B
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 8577	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11647	823 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 635	2 KB
2	setupad.com node.setupad.com — Cisco Umbrella Rank: 40137	417 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 613	57 KB
2	openx.net setupad-d.openx.net — Cisco Umbrella Rank: 50193 u.openx.net — Cisco Umbrella Rank: 742	471 B
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 476 ads.pubmatic.com — Cisco Umbrella Rank: 466 image6.pubmatic.com Failed	17 KB
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 38763	1 KB
2	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 179754	24 KB
1	ibillboard.com 1 redirects bbnaut.ibillboard.com	550 B
1	sniperlog.ru sync3.sniperlog.ru	516 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 487	430 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15174	69 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 908	356 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 863	209 B
1	tynt.com ic.tynt.com — Cisco Umbrella Rank: 4293
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 434	10 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8201	792 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6683	177 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 570	622 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 487281	169 B
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 41437	119 KB
0	mathtag.com Failed sync.mathtag.com Failed
0	adxpremium.services Failed rtb.adxpremium.services Failed
199	51

	Domain	Requested by
11	pagead2.googlesyndication.com	www.gismeteo.ua securepubads.g.doubleclick.net tpc.googlesyndication.com 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	rss-images.gismeteo.st	www.gismeteo.ua
10	www.gismeteo.ua	www.gismeteo.ua
9	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	static.gismeteo.st	www.gismeteo.ua
6	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
6	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net um2.eqads.com
6	ads.betweendigital.com	1 redirects stpd.cloud ads.betweendigital.com
6	ib.adnxs.com	2 redirects stpd.cloud googleads.g.doubleclick.net acdn.adnxs.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	sync.bumlam.com	5 redirects
5	x.bidswitch.net	5 redirects
5	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
5	track.adform.net	cdn.jsdelivr.net s1.adform.net
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
5	galt.hit.gemius.pl	1 redirects www.gismeteo.ua galt.hit.gemius.pl
5	cdn.admixer.net	www.gismeteo.ua cdn.admixer.net
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
4	eus.rubiconproject.com	stpd.cloud eus.rubiconproject.com cache.betweendigital.com
4	inv-nets.admixer.net	stpd.cloud
4	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
4	gum.criteo.com	2 redirects static.criteo.net
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	aax-eu.amazon-adsystem.com	2 redirects
3	s1.adform.net	track.adform.net s1.adform.net
3	bs.serving-sys.com	5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com secure-ds.serving-sys.com
3	5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	prg.smartadserver.com	stpd.cloud
3	fastlane.rubiconproject.com	stpd.cloud
3	mug.criteo.com
3	www.google-analytics.com	www.gismeteo.ua www.google-analytics.com
3	www.googletagservices.com	www.gismeteo.ua 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
2	x01.aidata.io	2 redirects
2	sync.console.adtarget.com.tr	s.console.adtarget.com.tr js.adscale.de
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	sync3.adsniper.ru	2 redirects
2	px.adhigh.net	2 redirects
2	sync.adtelligent.com	stpd.cloud
2	js-sec.indexww.com	stpd.cloud ssum-sec.casalemedia.com
2	node.setupad.com	stpd.cloud
2	googleads.g.doubleclick.net	5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com www.gismeteo.ua
2	www.google.com	tpc.googlesyndication.com 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
2	static.criteo.net	stpd.cloud static.criteo.net
2	prebid-stag.setupad.net	stpd.cloud
2	s.znctrack.net	www.gismeteo.ua
1	ssum.casalemedia.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	bbnaut.ibillboard.com	1 redirects
1	sync3.sniperlog.ru
1	cm.adform.net	1 redirects
1	c1.adform.net	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	ads.yahoo.com
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	cache.betweendigital.com	ads.betweendigital.com
1	sync.dmp.otm-r.com	ads.betweendigital.com
1	odr.mookie1.com	ads.betweendigital.com
1	s.console.adtarget.com.tr	stpd.cloud
1	ads.pubmatic.com	stpd.cloud
1	acdn.adnxs.com	stpd.cloud
1	u.openx.net	stpd.cloud
1	csync.loopme.me	1 redirects
1	ic.tynt.com	stpd.cloud
1	lm.serving-sys.com	secure-ds.serving-sys.com
1	a4485.casalemedia.com	cdn.jsdelivr.net
1	cdn.jsdelivr.net	5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	adx.adform.net	stpd.cloud
1	htlb.casalemedia.com	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	ghb.adtelligent.com	stpd.cloud
1	setupad-d.openx.net	stpd.cloud
1	hbopenbid.pubmatic.com	stpd.cloud
1	id5-sync.com	stpd.cloud
1	loadercdn.net	www.gismeteo.ua
1	ls.hit.gemius.pl	galt.hit.gemius.pl
1	stats.g.doubleclick.net	www.google-analytics.com
1	stpd.cloud	www.gismeteo.ua
1	gismeteo.ua	1 redirects
0	pixel-eu.rubiconproject.com Failed	eus.rubiconproject.com
0	sync.mathtag.com Failed	ih.adscale.de
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	rtb.adxpremium.services Failed	stpd.cloud
199	90

This site contains links to these domains. Also see Links.

Domain
ad.gismeteo.ua

Subject Issuer	Validity	Valid
*.gismeteo.ua AlphaSSL CA - SHA256 - G2	`2022-02-04` - `2023-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-16` - `2023-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.stpd.cloud E1	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-09-05`	a year	crt.sh
loadercdn.net R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
node.setupad.com R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-01-15` - `2023-01-13`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-05-29` - `2022-08-27`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-05-28` - `2022-08-26`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
sync.console.adtarget.com.tr R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.gismeteo.ua/
Frame ID: 0A0D940DA19A515A1633EFEEDF0C9062
Requests: 88 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 3F2BE22F55CC030C679E765412152944
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: DC5834757E811DCD5D0E4BEF493BC2C0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 191E960FA0D8EC1339A832C726A1C418
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: E4A5CD3C85E724520CCB0F99FD73BA4A
Requests: 3 HTTP requests in this frame

Frame: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3D691656EA9D9EAFEA61BFBA632CF80
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gismeteo.ua
Frame ID: A63B67C98764A94844352716AA017205
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7EA4182B5BB26D94E2C7D8FAA51C78B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FED99E59CBB2B15C8828FC122AC2083C
Requests: 2 HTTP requests in this frame

Frame: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4291C43EF72B8E5DCDC4D11DAD30AE99
Requests: 20 HTTP requests in this frame

Frame: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 36AD2AB2A3F74B533C332F7FCA2F9657
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLv2tssBMAE&v=APEucNV8U83vFAKTTh9qKs5-FLEDE_2xcVHRfw7QYEiuJz0ogFN3b999OBGDL9tGQ_jbjOIz0WJh07TYbpTPGdeuIKmXmODYeQrt9qvZOXBLDK2aJ_zJyvBgvj6FR5nh84TplmO2F2hY1NbumaQpKkCPCc-ipmsxAJYvJKDo-V9wNfcjqOscmdY
Frame ID: 9DA389A1057D1A5979C9516E7556CDEB
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53721677;rtbwp=YqP3gwAAAAAchV9-6mG4i5mUJOsXemcdtWfXqw;rtbdata=JmhGGE0Ooy7I9wOETxpk9lEcWTdOKYur_y0Nou98SZfa5BCWavj4dZHHIt_QevMBdfbojnNZZ6GaPfz2Qmbpt2qTc8OahAQ1IseY1-U8wWbY6i7uwaCs7vFf-JTM6PlgzR4XggVonSieOc9W-kq8RQFOev4XgMjzD5dxNk7BqWvw9zoghF0MbdgC99gnsFy0ogi9vbTjejOxOfeC2nnFAfSqKVElJpMe4UFuhV40q881
Frame ID: 150D63216C423D9D089A00A8A61D212D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5B8CF040B4B0651BC41D88BB19B89D87
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AB1C7EA58B2FA81A25D088D348898608
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 3EFAA730087665A1250572B6B4C79FD3
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4b3a5476-7621-448f-82c8-bc7f65b5a685
Frame ID: 1BA994F2F6D32623408DB07ED013561E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C66672F892F7D723F9A056FDF0206CB9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7F368D01E473E084DB4E671AE2081250
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6F80E7771E5C0FA98E7AFF51066261BC
Requests: 2 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 07E231D848FE089AFA70546C6DD0A735
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 1A1A6BEBB2C05D6734DED1EEF95054C6
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C3B9762BBB9B7E26E73D73F3348D4B1C
Requests: 10 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6605102a-7f94-52a2-abd2-c882c9713f01&CACHEBUSTER=69576
Frame ID: 4A843C34386161E1ACDD615530D10BFA
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CAFDD9BFB3A63E13DA62B1EA2A2A41FA
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: E3C8C2E49D2A892F2BF50200C72BD7C8
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2901319731568019291
Frame ID: 0225669C654D002D15926622A18792B7
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 115CFA4E975545777DAE73F5736BCE32
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: C49D48A2B34541675EA9B7EBE6B2EB43
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 1504013858E4AAF15F73B19697CDAB64
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 26A79A35803DEF3D7584E5596CD71DA0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GISMETEO: Погода в Украине, прогноз погоды на сегодня, завтра, 3 дня, выходные, неделю, 10 дней, месяц.

Page URL History Show full URLs

http://gismeteo.ua/ HTTP 301
https://www.gismeteo.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

199
Requests

84 %
HTTPS

28 %
IPv6

51
Domains

90
Subdomains

69
IPs

14
Countries

1478 kB
Transfer

4342 kB
Size

59
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://ad.gismeteo.ua/feed/?click=MzE3Mzg0NnwzZDE0YTA5NjA5ZjU0ZDk5Mjg5NGRjNzlhNWEzYTIxZA%3D%3D
Title: Сколько стоят доллар и евро: обнародован свежий курс валют

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MzgzN3xjOTJlNjI3NGE2Yzk0M2I1Mjg0ZDNkMWU5NWEwMzZmZg%3D%3D
Title: ПриватБанк начал выплачивать соцпомощь украинцам

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MzgxOHxkYTVjZjFjZjZkN2EwMjFiZmFmYzJkNDMzNDRlM2UwMw%3D%3D
Title: До 5025 гривен. Кому повысили минимальную пенсию по новому закону

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MzgxN3xlYjA0NzYyZGFjYTlhMjI1NzJiNjQ0N2FjNDNjNTE1Ng%3D%3D
Title: Нацбанк собирается поднять фиксированный курс

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3Mzc0NnxjM2NlYWZiNzY5NDhkYmNhZTMyZWNiOTA5ZGYxYTJjMQ%3D%3D
Title: Некоторым пенсионерам в Украине повысили выплаты: кто получит больше денег

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MzcyM3w1ZDg4YWI0MmE1MGZlNmQ2NGQ3YjgzMzRjOWJkOWVkZA%3D%3D
Title: В магазинах иcчезла сода: где найти товар (фото)

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MzY4NXwwNDRjMjc4M2Q3NzkzOWNjMmE0NDExNmI3MDI4MGFlMw%3D%3D
Title: Стало известно, поднимется ли цена на горючее в Украине

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MjgzN3xmMWExNjVlYTU4YzcxYmZmNDJjZWQ1ODI5MTBkNzQ3YQ%3D%3D
Title: Черешня по 2500 грн/кг - не "зрада". Почему не нужно паниковать из-за дорогих ягод в супермаркетах

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MzU2N3w0MjI3NzVhNzU3ZjUyNjgyODg2Y2ZhZDNkY2Y4YjdiYg%3D%3D
Title: Нужно заплатить до 25 числа или будут проблемы: какие условия действуют в ПриватБанке

Search URL Search Domain Scan URL

URL: https://ad.gismeteo.ua/feed/?click=MzE3MzA3MXwwMGZmZmE3ODU2YzdlNDVhMjUyZDkyOTQwMDJjNTVkZQ%3D%3D
Title: У украинцев могут возникнуть проблемы с газом: глава ГТС назвал причину и выход из ситуации

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gismeteo.ua/ HTTP 301
https://www.gismeteo.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=p6NQ0XxqY0ZTTlFzMVJUcjg2SmdUTHhVb3pMSjNoZkNVMnFGL01vUWpPMUxJcStPRXRMbzA0c0cvVmpXN0JrTk5XckhCMVJOZ3J0a0xzL1pxRWs0NXNyaHdUamgzTjd1OTN3aXBmRVpvMnA0ZXFMcXpDS0I4dnpwYjdPWXAzYVphV3pQSTd6RU1UZEptVnV5dmRwQzFXTmI4cHNWOHA4WlNUa3krUCtESER6R0puLzVzTHpUL0sxcG1TbzV1RFFNUHBBeklIRVo0Z3Q1S3RWQ0hhSGo4QTN1ZUk3SVJoSjQvaStodzRxenhHWmE0cGx3PXw&cppv=2

Request Chain 70

https://galt.hit.gemius.pl/_1654912899407/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4FpxEDdnRNpArfRVC5.wTYvfLtrxoVBUtHf6SZ.K.EH.b7QGPxdOx28X4isfXJAfKnzfBGR9rwlonodqT25DOmSd1NJb/.2LjAmD0Se20E/&ltime=389&fpdata=Fux8AYlwZZafdXTdF6FHQ3Uc1cfxVXhJIA4X4qMG65H.q7&fpcap= HTTP 301
https://galt.hit.gemius.pl/__/_1654912899407/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4FpxEDdnRNpArfRVC5.wTYvfLtrxoVBUtHf6SZ.K.EH.b7QGPxdOx28X4isfXJAfKnzfBGR9rwlonodqT25DOmSd1NJb/.2LjAmD0Se20E/&ltime=389&fpdata=Fux8AYlwZZafdXTdF6FHQ3Uc1cfxVXhJIA4X4qMG65H.q7&fpcap=

Request Chain 94

https://gum.criteo.com/sid/json?origin=publishertag&domain=gismeteo.ua&sn=ChromeSyncframe&so=3&topUrl=www.gismeteo.ua&bundle=YZoO-V80cXhWZVhsVnFuRnBvRlFvb1U1MG1wcXVKVEZIMlJGYXAxZHVDRVM4T1ZJMW4lMkZpZEVrNWh3MklHWXNrN01pSGhseDlCWnVaMEppMHJXb2hQUndxQXpVMEpXUFpFNWNIN0ZkRXBJZUFEQzJXU2JwVGVNaXRnY3VMelNlJTJGZ2U1d0o&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=INwHinxTR0JlYkIwRzFiS0thNlZFRDhNYkNaV3k3bGZsT00vRUFaZ0lRNUNTaWsvOGlaMlJXNnR2VWVxRktreDhrSVgyODJVR3IzcDhlbE9uK0hzZDR3ajlGMVZqN084d3J6L0Z3VVdpWGZuQVdPNWlWUDM4dS9pa3VwU254VVZjNXNVL1N3T1kwNVNETHl4SDVwVzhXVS8rK1NFSzRxSGFZMjRVNFpmQmx3MFBsWTFpTjY0ai9JSkd0MzJCZXZwck1kcGxjeTJpZ3duWVdLaEJxUENNdlI4c3JDVWI4S285d2JxZ2pGT0p0VHk1NzcxVjRWcXBzWjdndFhkbmE4TXp1Nk0wRmowL1BMVld5TmE1RlMrQjZNemJLQT09fA&cppv=2

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1&C=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqP3hVFavOmoXqvRCd3RywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-iC_z-HPJPG44--ATL9ew&google_cver=1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwNzY2MjE3OTAzNDcxOTEyNQ%3D%3D

Request Chain 146

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4b3a5476-7621-448f-82c8-bc7f65b5a685

Request Chain 153

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7e463edd-8a5e-4b94-8fec-9e70ea8fcc16

Request Chain 154

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8307662179034719125

Request Chain 155

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2a4772a9-449c-4bc5-b4f6-fabdb3945378&ssp=between&gdpr=&gdpr_consent=

Request Chain 157

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0rTWCJUXMef.AikABlGBUH7q3A

Request Chain 158

https://sync.bumlam.com/?src=bw1&uid=6605102a-7f94-52a2-abd2-c882c9713f01 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiH74-VBlIFvp7KygpiJDY2MDUxMDJhLTdmOTQtNTJhMi1hYmQyLWM4ODJjOTcxM2YwMQ** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiH74-VBlIFvp7KygpiJDY2MDUxMDJhLTdmOTQtNTJhMi1hYmQyLWM4ODJjOTcxM2YwMaIBEHEYoSjpKhHshuAAJZDAZHw* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiH74-VBmIkNjYwNTEwMmEtN2Y5NC01MmEyLWFiZDItYzg4MmM5NzEzZjAxogEQcRihKOkqEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiH74-VBmIkNjYwNTEwMmEtN2Y5NC01MmEyLWFiZDItYzg4MmM5NzEzZjAxogEQcRihKOkqEeyG4AAlkMBkfA** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7118a128-e92a-11ec-86e0-002590c0647c

Request Chain 166

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=6605102a-7f94-52a2-abd2-c882c9713f01&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=2a4772a9-449c-4bc5-b4f6-fabdb3945378

Request Chain 167

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/IsOqRnnsZhIBMwklEKqY58n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7199833116245905614

Request Chain 168

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L498ETQE-1G-CCWU&sigv=1&esig=2~42a2d8034f5a16862599e0f7af252f7cb3af40d2

Request Chain 169

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mzhRY4_lS5CXTur3puFLEA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mzhRY4_lS5CXTur3puFLEA

Request Chain 170

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5OEVUUUUtMUctQ0NXVQ==

Request Chain 171

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AUu0hSlSS6KppZ2Wb5qTgg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AUu0hSlSS6KppZ2Wb5qTgg

Request Chain 172

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk4OGU0ZjNiZTI5ODU0YWFmYzVkZjllZWEwOWRkM2ZhMmU0OTBiYg

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUV5mWfkUm2D1c8uD3c9P4&google_cver=1

Request Chain 177

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqP3hRQsllFUueZR0AZgJQAABy0AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqP3hRQsllFUueZR0AZgJQAABy0AAAIB&dcc=t

Request Chain 183

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 184

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2901319731568019291

Request Chain 188

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7118a128-e92a-11ec-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7118a128-e92a-11ec-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=7TkCdWNES0p4TG6Rm30gFw& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=7TkCdWNES0p4TG6Rm30gFw&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=7TkCdWNES0p4TG6Rm30gFw&extra2=aidata&google_gid=CAESEHLDbjKCWr1kBT7LXHczSJc&google_cver=1

Request Chain 189

https://ih.adscale.de/uu?cbfn=receive&t=1654912904 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1654912904&nut&uu=a060ff28fce848d6b49535fd93fb5066

Request Chain 197

https://bbnaut.ibillboard.com/match/AdScale?partneruid=a060ff28fce848d6b49535fd93fb5066&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9282617e5f94cc1885e359c90cecc68%2F1654912904604%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/d9282617e5f94cc1885e359c90cecc68/1654912904604/0/img?tpid=101&tpuid=BBID-01-03296269049104320-16626744

Request Chain 198

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 199

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=22a87e696bdba243673a2e366a1d63956fc3a918c3526b1f3fd365199033bd9a&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9282617e5f94cc1885e359c90cecc68%2F1654912904604%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqP3hRQsllFUueZR0AZgJQAA%261837

199 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gismeteo.ua/
Redirect Chain

http://gismeteo.ua/
https://www.gismeteo.ua/

76 KB
24 KB

2003ms
1833ms

Document
text/html

193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

14512d8404fac68b6c89b8f939882a89f732eadce537eb90d419e8ba09097265

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache no-store must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 11 Jun 2022 02:01:38 GMT
server: gis
server-timing: type;desc='backend'
strict-transport-security: max-age=604800
vary: Accept-Encoding Accept-Encoding User-Agent
x-content-type-options: nosniff
x-dc: ua.router-cdn-pl02
x-decepticon: 0
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Sat, 11 Jun 2022 02:01:36 GMT
Location: https://www.gismeteo.ua/
Server: gis
Server-Timing: type;desc='cache'
Transfer-Encoding: chunked
X-DC: ua.router-cdn-pl01

GET
H2 200 n_c0.jpg
static.gismeteo.st/assets/bg-header/ 2 KB
2 KB 154ms
51ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/bg-header/n_c0.jpg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ef9e4a353c5adea27356c57a75527bd31dfaddb0cdaa334dd546f8bacac7fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx6e283e303e204cc2a5cf5-0061fb9c1a
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx6e283e303e204cc2a5cf5-0061fb9c1a
accept-ranges: bytes
last-modified: Thu, 03 Feb 2022 08:13:47 GMT
server: cloudflare
etag: 9e30c27240fbd20ba7719cb8a3f17a31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLhQ%2BBj4lVVZhyOQC2YZqISy0d7YCgAiQjKR2wqD9qZG9W4g%2B4zb0PvLRAey9I1bIsoxcCL%2BiXmm8GNyR96jwzHF5pw2JmzDCi3kvefhNiVNNvJiibHuQcVwr%2FI%2BbFDxOJ6muIyDDdxJBECOcB9emh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1643876026.15577
cache-control: max-age=5356800
content-length: 1999
cf-ray: 7196c2914e4688aa-LHR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 191ms
75ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76b6661092ca66a0cc4230366f357e1ba5d50a4427ba0b91712c5acffdaa3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56320
x-xss-protection: 0
server: cafe
etag: 9919728034984145604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 02:01:38 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 473ms
143ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:23:59 GMT
server: nginx
etag: W/"6282425f-2c101"
x-cached-since: 2022-06-11T01:59:17+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 16 May 2022 12:35:26 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 178ms
62ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5026b01731e4adfd89a7941fe90121c186f82969ae7891dbfc8f349ffd1404d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28074
x-xss-protection: 0
server: sffe
etag: "1241 / 870 of 1000 / last-modified: 1654898836"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Jun 2022 02:01:38 GMT

GET
H2 200 gismeteoua.js Show response
stpd.cloud/assets/hb/ 423 KB
119 KB 157ms
56ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/hb/gismeteoua.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f75e95a853154eea9b495b0a5b334e1f4831ddd982fa746c4d8cad7735cefe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: mD/frf5FmTwZTVTSsYAj0A==
age: 960
x-ms-lease-status: unlocked
last-modified: Fri, 10 Jun 2022 06:16:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c26aa40a-f01e-0055-6c91-7cef1c000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7196c2917b3b0722-LHR
expires: Sat, 11 Jun 2022 06:01:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6150
date: Sat, 11 Jun 2022 00:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 11 Jun 2022 02:19:08 GMT

GET
H2 200 xgemius.js Show response
galt.hit.gemius.pl/ 52 KB
14 KB 264ms
78ms Script
application/x-javascript 79.137.68.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/xgemius.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx2.host.hit.gemius.pl
Software: GHC /
Resource Hash: c8735027e366b7837606564a38c5672a7fada0e7351ec677406ab22ce622903b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14031
expires: Sat, 11 Jun 2022 14:01:38 GMT

GET
H2 200 desktop-weather-fbb658579491ddd74270.bundle.min.css
www.gismeteo.ua/ngamg/assets/bundles/ 212 KB
34 KB 84ms
83ms Stylesheet
text/css 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-fbb658579491ddd74270.bundle.min.css

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

80f5bc2774d1d61a7eb2681f9ffb6897707d8a2b569924f1bc84910d0bfcb8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62a1c559-34f41"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 desktop-weather-148213030525545b8569.js Show response
www.gismeteo.ua/ngamg/assets/ 137 KB
30 KB 127ms
126ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/desktop-weather-148213030525545b8569.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

a0fee9c0614404bca888b228f7bdcf0a7edf71b9483673adf186b8d5dcc0e617

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62a1c559-222d6"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 n_prc.png
static.gismeteo.st/assets/maps/ 7 KB
8 KB 128ms
53ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_prc.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ff33ff05a65a7275c4ecf0792cfd9010a6bfc139af4ca18fddc3f4674afc90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx5337b655944b4f039d6cb-0061b972f3
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2885
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx5337b655944b4f039d6cb-0061b972f3
accept-ranges: bytes
last-modified: Tue, 24 Aug 2021 08:47:52 GMT
server: cloudflare
etag: 773ddb5c311bbd5c6045c933b0ba8878
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c58GBnAqkqp5fvURw1Vp52zrrdPLbironDo%2BEvX7jaw7edNfIH4Mcc4IS3vvrksc6oG%2BuXprQ9%2FOnuWMkdJ7Y%2Bkr557QZTo4FXANvbOmGu9Bp9CPacCD9mDGuW51oOFzthPFYYXnPmBL%2FwNEeCwGvQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-timestamp: 1629794871.62694
cache-control: max-age=5356800
content-length: 7412
cf-ray: 7196c2914e4f88aa-LHR

GET
H2 200 n_temp.png
static.gismeteo.st/assets/maps/ 11 KB
11 KB 129ms
54ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_temp.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a56c205b17f172e198b8ecda86282e8e29a86d88d02a39ac120f527fc71bcd17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: txb128576ef92949be89f9a-0061b972f3
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2885
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txb128576ef92949be89f9a-0061b972f3
accept-ranges: bytes
last-modified: Tue, 24 Aug 2021 08:47:52 GMT
server: cloudflare
etag: 3eae37d0e2661370eb06e2d380bbbdf4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ct%2BsQ8LbN7nmRVPCLXP3%2BTS9Avl4IybisyoeQ8654YG3FuWK7IkFIxk3Br%2FcJpYg0RJKpPRdnTpYsu5K6v7sW0jpTF3Gp8BrvianOwKYHJHv61%2BwZtDCyZgv7wB6HISk9hdUoXOOmYcnVS1gzvBByU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-timestamp: 1629794871.43432
cache-control: max-age=5356800
content-length: 11333
cf-ray: 7196c2914e4b88aa-LHR

GET
H2 200 n_wind.png
static.gismeteo.st/assets/maps/ 9 KB
10 KB 129ms
54ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_wind.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d406d4745472525da74efe07425fa1c73865f524dccf430f6c0f0e85f6f06b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx16754dcfb3e347dd9c6f8-0061b972f3
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4113
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx16754dcfb3e347dd9c6f8-0061b972f3
accept-ranges: bytes
last-modified: Tue, 24 Aug 2021 08:47:53 GMT
server: cloudflare
etag: 708edc4ea31887977ccccc22ec1bfc55
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GIUaMgbkC0iUkdhR6HNebYex4drUpW7MdCRldFqrtfUCRTBHmX8RXvdAGiAxABeeKYEtWESfkjayq3ax328bzdaanZc5b9TGQmyeEvGpZjtUyvx3RgE70hxaqB2wtykmSK9VxrWoXtb8rH7gE7bqEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-timestamp: 1629794872.10984
cache-control: max-age=5356800
content-length: 9644
cf-ray: 7196c2914e5288aa-LHR

GET
H2 200 n_clou.png
static.gismeteo.st/assets/maps/ 16 KB
17 KB 125ms
51ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_clou.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894aa20536ae6e99f77b8ea596211dc5a629e23fc3bd25be898f78612e245abc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: txb5899496bd6943f9a3a92-0061b972f3
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1869
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txb5899496bd6943f9a3a92-0061b972f3
accept-ranges: bytes
last-modified: Tue, 24 Aug 2021 08:47:52 GMT
server: cloudflare
etag: 1b7c0d26141bc5bb03c7724257285479
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu4%2BxMRq9GH50igpDqNE1ZouArjdmuvxPkyV2gd6GBgy1E9Ak3FALnCZXqjJRgk0tdJJu5GcUQVpXGMZ7dw3hm7zdWo%2BnjEbKYwTCBcankqTkLx3odyQHrO2WRNeojr7S8VYHyLJ2tDCVunDN%2BvxV%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-timestamp: 1629794871.62317
cache-control: max-age=5356800
content-length: 16673
cf-ray: 7196c2914e4d88aa-LHR

GET
H2 200 sprite-v2.min.svg Show response
www.gismeteo.ua/ngamg/assets/ 390 KB
26 KB 132ms
132ms XHR
image/svg+xml 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/sprite-v2.min.svg

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

de14e284bfe666d469dbc161975bcba1fe0ebe2d5f36b236914e9c8292a8541b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62a1c559-6161b"
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28afb0bf5088962ee2ab6ccd51361d8851bbe38b82cb49acc1c5730fcc25f033

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 map-660.jpg
static.gismeteo.st/assets/ 17 KB
17 KB 51ms
50ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/map-660.jpg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-fbb658579491ddd74270.bundle.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d48083fb1497fd8a18c60cee6cc3d02a5d35400774750a32c88e3df45aa6fb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: txbe84c9488cae4b859db38-0061b97343
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txbe84c9488cae4b859db38-0061b97343
accept-ranges: bytes
last-modified: Tue, 24 Aug 2021 09:47:49 GMT
server: cloudflare
etag: 40adbd6ea95113ca81ae8ffee32e5386
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11U0k19ILAXwqJojJcFxlOrGlXGph1yWiZ7u0KsM2SHv6W7Ebp8fsGO4yfciE8kOkZX0GVR%2Bvduh0hM%2FLn94k86kXzC%2Fv%2B31uy2m8omTz0CAi%2FLpRCKtoWxULXGHLRHiMgppuy32gCM%2BGM6%2FBaSYwEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1629798468.33947
cache-control: max-age=5356800
content-length: 17025
cf-ray: 7196c2915e5788aa-LHR

GET
H2 200 feedback.svg
static.gismeteo.st/assets/icons/ 811 B
792 B 67ms
67ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/icons/feedback.svg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-fbb658579491ddd74270.bundle.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65510155fba43504911909ebd5a89b33097335878ff825b6fd565d61a4688404

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: br
x-openstack-request-id: tx83d7a25dd164429a8f76d-0061b972f3
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx83d7a25dd164429a8f76d-0061b972f3
last-modified: Tue, 24 Aug 2021 10:01:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTNZmT1xUfG%2Bj4sIuo3cRWgqKT2GBCSYWLQS8mKzqCiTJrFetUW4reeek7PISCxIdaLekDB6R9gfCcP%2BMaEzoy1c4rVxExCpY2LGsbjeN0uvCj1DIKc7m3RLXRUKPQqdHK1gkx2mM7tzX0EL7DUjQuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-timestamp: 1629799288.03270
cache-control: max-age=5356800
cf-ray: 7196c2917e8888aa-LHR

POST
H2 200 z Show response
s.znctrack.net/ Frame 3F2B 51 KB
24 KB 384ms
172ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: d53c3aa6ad29e04a72af2cb84bd6cd333303370f4e1a5472daee7e3f7fb2f328

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23643
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 485-447dfe3e3d396b360059.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 1 KB
839 B 150ms
150ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/485-447dfe3e3d396b360059.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-148213030525545b8569.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

130abfcf6a76e6eca3a26b5e28c9a3888f781b387f1c4738ab0050c62dc3f011

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62a1c559-4bf"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 943-6500ad95715446993687.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 1 KB
915 B 148ms
148ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/943-6500ad95715446993687.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-148213030525545b8569.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

66a1502ca399e6dbf1137cb1fd1b3ad81f5b0299a131aac50ec5a3184b4b35d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62a1c559-491"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 414-537069c9394abb7e7a92.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 888 B
748 B 150ms
149ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/414-537069c9394abb7e7a92.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-148213030525545b8569.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

fe2afd17237c8eaeaa6ca240c0af8fcf7464920edcfac8816589ea92322fc31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62a1c559-378"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 142-bd34b8d4ac46a64367a1.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 492 B
820 B 148ms
147ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/142-bd34b8d4ac46a64367a1.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-148213030525545b8569.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

0840939a7aadc5595d1f7eaefb743f743292f2f2c742d29f150fea594a16023a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "62a1c559-1ec"
strict-transport-security: max-age=604800
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 492
x-xss-protection: 1; mode=block

GET
H2 200 px.gif
www.gismeteo.ua/ngamg/assets/ 43 B
361 B 134ms
133ms Image
image/gif 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gismeteo.ua/ngamg/assets/px.gif?ch=1&rn=5.497446361933562

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "62a1c559-2b"
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 px.gif
www.gismeteo.ua/ngamg/assets/ 43 B
361 B 133ms
133ms Image
image/gif 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gismeteo.ua/ngamg/assets/px.gif?ch=2&rn=5.497446361933562

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 10:03:05 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "62a1c559-2b"
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 cc3a59f0af28c070d69ff5f45a2c1c7f_66x44.jpeg
rss-images.gismeteo.st/cc3/a59/f0a/ 2 KB
2 KB 60ms
49ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/cc3/a59/f0a/cc3a59f0af28c070d69ff5f45a2c1c7f_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ddfe47c24f85c7685fde50a5d96ed502207995c93ccfeb48ca90be51a2f208

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: txe992d4374a40457da49d8-0062a346b5
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txe992d4374a40457da49d8-0062a346b5
accept-ranges: bytes
last-modified: Fri, 10 Jun 2022 13:03:15 GMT
server: cloudflare
etag: 6a31e5bd1fb25438dff2d32b3b2341b0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0B1dyS8vavFt2ULCz2M7H0JfMcgTHy9nBwVXOwH6GU9RcVP5%2Bk9njWnp6BnP%2FqXwvZyD6XjB1Eo1sd14t7nnH%2FyoQWA%2FqEbjlVIFO%2FS%2Fgcs0W9dazuuTp2tF0dsmyWlqgA%2BBSlyKinRcNVSXh%2FCnOhkulfc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654866194.90881
cache-control: max-age=5356800
content-length: 1674
cf-ray: 7196c2921f1d88aa-LHR

GET
H2 200 28e1b2879d91571dd24fe663346e364e_66x44.jpeg
rss-images.gismeteo.st/28e/1b2/879/ 2 KB
2 KB 60ms
50ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/28e/1b2/879/28e1b2879d91571dd24fe663346e364e_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86017a4a56067ae8c621a557302d2c8200327820464f98f579f9fc840740298d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: txeddb05a9154e4d678b490-0062a346b5
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txeddb05a9154e4d678b490-0062a346b5
accept-ranges: bytes
last-modified: Fri, 10 Jun 2022 13:03:15 GMT
server: cloudflare
etag: 3c6d701c50cf37054db79075b6d61e31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j4Vu8uhyPei%2FUBP%2BSdeahrCCFrFg11rvTaK2d0KNdI%2FGhucHc%2Beke9lBumB%2Fp1iGywRYPRZLId%2FZL%2BivwYqUA6yWyePkOx%2BaWrPIGNpDDrFaHPgAMpWsEe8GeJ5QfUfIY8Rxs%2BXeApAi5whCMfbKjbNXmF9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654866194.49869
cache-control: max-age=5356800
content-length: 1609
cf-ray: 7196c2921f1f88aa-LHR

GET
H2 200 0e87add4dc72587f0a2ae2ef936e6e66_66x44.jpeg
rss-images.gismeteo.st/0e8/7ad/d4d/ 1 KB
2 KB 64ms
54ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/0e8/7ad/d4d/0e87add4dc72587f0a2ae2ef936e6e66_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854ef43275c0fd1a200013e4a91def930c59ba2d7b68f0f658f46ae0775a6466

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx8047e7223b804bfda2fb4-0062a346b5
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx8047e7223b804bfda2fb4-0062a346b5
accept-ranges: bytes
last-modified: Fri, 10 Jun 2022 13:03:15 GMT
server: cloudflare
etag: 6c0b7337a5c2c77d0ea6a5c991c29543
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uYYatgc8PM5aLMSYnblnYCvnX0NavutQwqiQPcadadiN0wxslXeXaDHkhi%2BqfD%2BnCDGUue%2B1hMmZ8Oo1mCcUbUibZHS4CxeRhooXyqcsrhbNskQul7SbRz0IxfD4RDO9t2L539TnUUshLvrWWqawv%2FmOKHx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654866194.51336
cache-control: max-age=5356800
content-length: 1462
cf-ray: 7196c2921f2488aa-LHR

GET
H2 200 6079c539830012a437f298a9ebb5f9a9_66x44.jpeg
rss-images.gismeteo.st/607/9c5/398/ 2 KB
2 KB 62ms
53ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/607/9c5/398/6079c539830012a437f298a9ebb5f9a9_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 966c8ac33a575ef8952fef62d9d12717c85a53bffa0958ab6e4f56c7430bb5b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx4325731c52244fe5a0642-0062a346ca
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx4325731c52244fe5a0642-0062a346ca
accept-ranges: bytes
last-modified: Fri, 10 Jun 2022 13:03:15 GMT
server: cloudflare
etag: 2c7430b673f69007965f056f41b9b8bd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zw44EQH4KLFeSVlFGhx5zMLBNtVO0y0syhGBSYcWDwoDoCbk53jyAMxoWmUa9VOYMy0eBEbNEx3Sq9B4gJeXDSCEVQVFWXmehsFecdKegLLL4CuuhHvMLeDP3kM%2FzuDRUqzvHUcoT3NWrPLUeBd8Cr1BmnPu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654866194.75779
cache-control: max-age=5356800
content-length: 1659
cf-ray: 7196c2921f2388aa-LHR

GET
H2 200 cea652048cd902338ff27826abe8cf01_66x44.jpeg
rss-images.gismeteo.st/cea/652/048/ 1 KB
2 KB 60ms
51ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/cea/652/048/cea652048cd902338ff27826abe8cf01_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f1f1ca7b819de1e88294e28cc37c3ef251c723249652309b0aaf1f33ad71050

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx75104af3e5454b8a817f5-0062a31609
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx75104af3e5454b8a817f5-0062a31609
accept-ranges: bytes
last-modified: Fri, 10 Jun 2022 09:33:18 GMT
server: cloudflare
etag: 3b8081b188bc44b421b9e728b421e887
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnHpeM3%2BxRxcMkxeZE2ysvr2t6EoqIb8bUo%2FM4pwv2MMy2vC4Zozox8CvILaiyzV1IzI5fFVakN0%2BW30Ph3%2FPergDEz2WWxVNs9Dr7fYqHVxgXjaVu6Bw5wfuwiNh3XwZtvYthCindcnF%2BoG%2FZbmlLBij5nA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654853597.02080
cache-control: max-age=5356800
content-length: 1325
cf-ray: 7196c2921f2288aa-LHR

GET
H2 200 b41b4e9a5928844e3b3045b86f6e37af_66x44.jpeg
rss-images.gismeteo.st/b41/b4e/9a5/ 1 KB
2 KB 61ms
52ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/b41/b4e/9a5/b41b4e9a5928844e3b3045b86f6e37af_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a608b0e5c0fca9fbe7080712122a0a4d65c1bf8ddd87b2ad784ff1815407a53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx6bce44c0d7b94b5bbc953-0062a31609
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx6bce44c0d7b94b5bbc953-0062a31609
accept-ranges: bytes
last-modified: Fri, 10 Jun 2022 09:33:18 GMT
server: cloudflare
etag: b372cc6d55b5fb17f444115fc31a0972
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8UG%2FTUqzUjKgpx9fsjXh5EmR%2FtCoFTjE%2BD7EEeKXAmYIfwmROLRrSBGWum387%2FSUfSdejVzifl1uarqXF7jVGt%2FPj3kpm%2BM2syJzC%2F4MzI6%2F0n0Ax9kQ2QB%2FgWCFypjrm6RCNFpIPZ7bK6aS1DgJt2qMhQE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654853597.02286
cache-control: max-age=5356800
content-length: 1282
cf-ray: 7196c2921f2188aa-LHR

GET
H2 200 8f18cdd8f00c84b49c27d248ae006905_66x44.jpeg
rss-images.gismeteo.st/8f1/8cd/d8f/ 1 KB
2 KB 55ms
52ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/8f1/8cd/d8f/8f18cdd8f00c84b49c27d248ae006905_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fb3268d5184502c0c4f6c47eeb83d3d50126b7c158bec030879729456fcea90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx7476b6387704400792d8e-0062a11f39
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx7476b6387704400792d8e-0062a11f39
accept-ranges: bytes
last-modified: Wed, 08 Jun 2022 20:19:05 GMT
server: cloudflare
etag: b406aa760df494395ae2d7bb1ddac0f5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8fsiSGviJOvYJCIkuPGR3NdPJ%2FPqln9cPmoArIknRPZMl%2BKeAAmIjMEWW1l8FnmeCVaL71XaEdrV%2BdgQz7aZLm4O9Yb%2BTxFrlathND3LnT1DHc0THohDEpqDmHccJ2%2BntB0Viv1p%2F%2FGmxxA7tf%2BvtYfRL2b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654719544.59270
cache-control: max-age=5356800
content-length: 1435
cf-ray: 7196c2927f6288aa-LHR

GET
H2 200 0f05ef07fdee7f034660938f41bdda47_66x44.jpeg
rss-images.gismeteo.st/0f0/5ef/07f/ 2 KB
2 KB 54ms
51ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/0f0/5ef/07f/0f05ef07fdee7f034660938f41bdda47_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f840622694f44980f94696f8284f80d0b56d509d4a4b53a9205ea0140d0858a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: txe22a6af795894d899103c-0062a2287f
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txe22a6af795894d899103c-0062a2287f
accept-ranges: bytes
last-modified: Thu, 09 Jun 2022 16:48:53 GMT
server: cloudflare
etag: e670a5753b77c082eced34c76ee6f607
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0st14blQ0bGaXM6HqoJV4TDPT0K5CIvbNu%2FfY7UuXI2yrStsr8k1vyfySyZhfNacE31z4hubcGm6Ildk1j2WUGM3SCV8vfBEITrJM5TJjnWZSe5uUTb3Di4w%2B6OeNQprEjOKHi2z35HBKirNLyG3NGczZPH7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654793332.26806
cache-control: max-age=5356800
content-length: 1748
cf-ray: 7196c2927f6488aa-LHR

GET
H2 200 9a180fd7fc3c5748c8390624af8dd874_66x44.jpeg
rss-images.gismeteo.st/9a1/80f/d7f/ 2 KB
2 KB 56ms
53ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/9a1/80f/d7f/9a180fd7fc3c5748c8390624af8dd874_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85aa920fdc68e2aad3bee0699236416df3d0f0da7b2bcec7f783edf60b536c12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx2a966ccb8422417593273-0062a2ed40
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx2a966ccb8422417593273-0062a2ed40
accept-ranges: bytes
last-modified: Fri, 10 Jun 2022 06:49:17 GMT
server: cloudflare
etag: 0a6ff82146d2f7d5e557a79be270bad1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzRQHXAAMZsUZWCSOZkZel0d4LwVt8U763NlsuwoF9mZcl7Zc6%2FnYIemdjdIkhQDHz0nhwewZg1%2F2yHaugDBQud9ypOJPuJW8Q%2FiuoRan6%2FSegAWzeA9k0QX8gIxK8mrgxdEjIinydhZDZplxZIbMmdpDx5r"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654843756.36412
cache-control: max-age=5356800
content-length: 1585
cf-ray: 7196c2927f6588aa-LHR

GET
H2 200 4bd2cfd95e278e0a9b972ee89e224b38_66x44.jpeg
rss-images.gismeteo.st/4bd/2cf/d95/ 2 KB
2 KB 58ms
55ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/4bd/2cf/d95/4bd2cfd95e278e0a9b972ee89e224b38_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7bced10d89dcc8b4150eb433c2aa48b508162514cd3ed761e9b716bd70b4ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:38 GMT
x-openstack-request-id: tx50d09731b83f46beae4fc-0062a1e567
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx50d09731b83f46beae4fc-0062a1e567
accept-ranges: bytes
last-modified: Thu, 09 Jun 2022 11:18:45 GMT
server: cloudflare
etag: 74e52aab5ea00453e874c71f4fe0d407
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjKK5uFSNEKA2J760ocaVpmvoHuA3hdIw%2BU4%2F6f4tm3nzawXJ8gU3y6pn5uh%2Fe5DoqKhcM1X8AAXdp0bfhM9i1ZsaoeRugQz1ym3svxHuvQChAhPNBJywmHPi%2BnGkRZEcNXhB7GrMiSK5qDfxxkAh%2F7Ob1E1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-timestamp: 1654773524.35765
cache-control: max-age=5356800
content-length: 1886
cf-ray: 7196c2927f6788aa-LHR

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 61ms
61ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=0&a=1772506746&t=pageview&ds=desktop.weather&_s=1&dl=https%3A%2F%2Fwww.gismeteo.ua%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GISMETEO%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%2C%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%2C%203%20%D0%B4%D0%BD%D1%8F%2C%20%D0%B2%D1%8B%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%2C%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E%2C%2010%20%D0%B4%D0%BD%D0%B5%D0%B9%2C%20%D0%BC%D0%B5%D1%81%D1%8F%D1%86.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=726420983&gjid=1989568104&cid=1775871208.1654912899&tid=UA-12105830-25&_gid=1039486844.1654912899&_r=1&z=822490946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022060801.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 185ms
54ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 09:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127852
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 08:45:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 10 Jun 2023 09:21:50 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
724 B 192ms
64ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gismeteo.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

69203082f1a1c36dc4a1668c84a1e46b9f660839dd6d4af9e96f48c6d8c0fdaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Sat, 11 Jun 2022 02:01:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 170ms
56ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12105830-25&cid=1775871208.1654912899&jid=726420983&gjid=1989568104&_gid=1039486844.1654912899&_u=YEBAAUAAAAAAAC~&z=959678665

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 11 Jun 2022 02:01:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
galt.hit.gemius.pl/ 280 B
416 B 77ms
77ms Script
application/x-javascript 79.137.68.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/fpdata.js?href=www.gismeteo.ua
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx2.host.hit.gemius.pl
Software: GHC /
Resource Hash: d251ff039a6ddff782691e1cd9e220a27ffb95d6637d9d906c4306719e0a8c7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:39 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 280
expires: Mon, 11 Jul 2022 02:01:39 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame DC58 5 KB
3 KB 245ms
79ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 4369b15980aaca58f5fb5b597ffd801ee4399bf096222dd9e7317baaa341ab2a

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Jun 2022 02:01:39 GMT
etag: PRIVATE7520710249
expires: Mon, 11 Jul 2022 02:01:39 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 204 /
loadercdn.net/ 0
169 B 295ms
103ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=f8fb045e5ffc2c80&d=www.gismeteo.ua
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 11 Jun 2022 02:01:39 GMT
server: openresty

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 189ms
63ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.gismeteo.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 11 Jun 2022 02:01:38 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1174
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 173ms
61ms Script
application/javascript 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-76.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 11 Jun 2022 01:33:25 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:19:59 GMT
server: AmazonS3
age: 1695
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, DUS51-P2
content-encoding: gzip
x-amz-cf-id: QxwZ6TB6Er64qtRdstW5B1PFIwE1xg2dNbp_LaVKU53uAeRn9qVV8Q==

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=p6NQ0XxqY0ZTTlFzMVJUcjg2SmdUTHhVb3pMSjNoZkNVMnFGL01vUWpPMUxJcStPRXRMbzA0c0cvVmpXN0JrTk5XckhCMVJOZ3J0a0xzL1pxRWs0NXNyaHdUamgzTjd1OTN3aXBmRVpvMnA0ZXFMcXpDS0I4dnpwYjdPWX...

342 B
609 B

172ms
59ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=p6NQ0XxqY0ZTTlFzMVJUcjg2SmdUTHhVb3pMSjNoZkNVMnFGL01vUWpPMUxJcStPRXRMbzA0c0cvVmpXN0JrTk5XckhCMVJOZ3J0a0xzL1pxRWs0NXNyaHdUamgzTjd1OTN3aXBmRVpvMnA0ZXFMcXpDS0I4dnpwYjdPWXAzYVphV3pQSTd6RU1UZEptVnV5dmRwQzFXTmI4cHNWOHA4WlNUa3krUCtESER6R0puLzVzTHpUL0sxcG1TbzV1RFFNUHBBeklIRVo0Z3Q1S3RWQ0hhSGo4QTN1ZUk3SVJoSjQvaStodzRxenhHWmE0cGx3PXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

fbf18cea4cd1954566d16d7881a0d5da3df500f2a1a17c8a2261736897df3ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2680
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:38 GMT
location: https://mug.criteo.com/sid?cpp=p6NQ0XxqY0ZTTlFzMVJUcjg2SmdUTHhVb3pMSjNoZkNVMnFGL01vUWpPMUxJcStPRXRMbzA0c0cvVmpXN0JrTk5XckhCMVJOZ3J0a0xzL1pxRWs0NXNyaHdUamgzTjd1OTN3aXBmRVpvMnA0ZXFMcXpDS0I4dnpwYjdPWXAzYVphV3pQSTd6RU1UZEptVnV5dmRwQzFXTmI4cHNWOHA4WlNUa3krUCtESER6R0puLzVzTHpUL0sxcG1TbzV1RFFNUHBBeklIRVo0Z3Q1S3RWQ0hhSGo4QTN1ZUk3SVJoSjQvaStodzRxenhHWmE0cGx3PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1429
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ 213 B
622 B 190ms
61ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

0adb82bf68f122a2ba30c4b35f61b3556c959b8281e0aaab3946471e139e0dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Sat, 11 Jun 2022 02:01:38 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/46506/ Frame 191E 738 B
510 B 133ms
132ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sat, 11 Jun 2022 02:01:39 GMT
etag: W/"62824272-2e2"
expires: Wed, 17 May 2023 12:25:26 GMT
last-modified: Mon, 16 May 2022 12:24:18 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
x-id: fr5-up-gc29

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/46506/ 23 KB
8 KB 138ms
138ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:15 GMT
server: nginx
etag: W/"6282426f-5d41"
vary: Accept-Encoding
x-cached-since: 2022-05-31T08:11:42+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 01 Jun 2023 08:11:42 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/46506/ 75 KB
20 KB 150ms
150ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:04 GMT
server: nginx
etag: W/"62824264-12c39"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:27 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
640 B 233ms
131ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJTyhZEOCjAFDvHbfFW7z17ze3hXtZhKrgFqs6q9Hvcqt2XbEKCvJibHvc2ShD7NMaljgMRc%2B0Vlq2c5zPBjBRLW2DEnm0ZHlaoHhZ7VBfveGpdGv%2FEHVnqNHQPvVOwCeG28GG6%2Bptb%2B2vqocgbSXvDoSmVp"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7196c295ddc476f3-LHR
content-length: 42
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 155 B
443 B 278ms
179ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bb45c44d512c7fc2f764e3fc9429ed4a3427ae4ceba988d43b5577e2a4ab68

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTvmQd9hmX2dsBmkJNeEwIlQr8BHYLJaKWBpS%2Fg34xpV3MvLqCWQEBGRaOus0MCojKgrrU%2FhRx87Y6qal0OPIVMUkwDtiA4yHTmWFDdqdw7gbkv8BKehPQi%2BzPHHslzTsC1AImJeWOLr74FtklZEOyzu8DRj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7196c295ddc576f3-LHR
expires: 0

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 3 KB
3 KB 320ms
121ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 5e25defae7fae40a5001f3f1cf51f59d60e90ba20c6c1de92148f18cecf38908

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Sat, 11 Jun 2022 02:01:39 GMT
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ 73 B
380 B 197ms
72ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gismeteo.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dbbd2f8c-6d8c-420d-8684-0d7262939210%2Ca0af1839-7d69-4793-98c0-f67707343871%2C16b1c598-b93e-4b80-981e-0ddd6e9ae453&nocache=1654912899374&pubcid=71dc457d-5fa6-4eaf-a454-df42a4587ef0&schain=1.0%2C1!setupad.com%2C945%2C1%2C%2C%2C&aus=300x600%2C300x250%7C300x250%2C640x250%7C300x250%2C300x600&divIds=div-gpt-ad-60db1014cd16186dc2971ad8%2Cdiv-gpt-ad-60db1053cd16186dc2971ad9%2Cdiv-gpt-ad-614315f45f18840a44c3a980&auid=544016144%2C544016145%2C544016146
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 1cf76ead90ab28cec81aca0a344ed0f33bfff2d3fe010308ea3650b30ba19d71

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 185ms
66ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer1%22,%22params%22:{%22zone%22:%22562c275c-99d5-416d-931e-2af05a87a112%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22dbbd2f8c-6d8c-420d-8684-0d7262939210%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2226d83f65c12d48b%22,%22bidderRequestId%22:%22259469ff18f158e%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 11 Jun 2022 02:01:39 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 278ms
93ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=715140&size_id=15&alt_size_ids=10&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=71dc457d-5fa6-4eaf-a454-df42a4587ef0%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=dbbd2f8c-6d8c-420d-8684-0d7262939210&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7602331525174626
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9dba6309ce6bbff36d5dc87f9d818edcee140b8708093b08f0b0d801121133de

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 279ms
96ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=2028902&size_id=15&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=71dc457d-5fa6-4eaf-a454-df42a4587ef0%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=a0af1839-7d69-4793-98c0-f67707343871&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38928681358386075
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 49fcbe04a9b43d74d873fa309a5d2ef0ad8d9983997af589ec13b25cc4547794

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 281ms
97ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=706518&size_id=15&alt_size_ids=10&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=71dc457d-5fa6-4eaf-a454-df42a4587ef0%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=16b1c598-b93e-4b80-981e-0ddd6e9ae453&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4966288647077448
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dbc307aa3e225df03684f4165f82daf6bd5d5a697402052d65ae754540d87224

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
953 B 772ms
113ms XHR
application/json 209.205.201.34
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-34-201-205-209.24shells.net
Software: Adtelligent /
Resource Hash: cf2ddf0b707f96f55ecd8a893547440aff185b57ca3bac3d1800d8a390f7ac0b

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 11 Jun 2022 02:01:39 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 643

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 180ms
67ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%22e4047fa7-2ef1-47f2-ac37-e2eb4c56275e%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22dbbd2f8c-6d8c-420d-8684-0d7262939210%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2235cc78640c79448%22,%22bidderRequestId%22:%2234bb865852ad796%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%223eed7b20-e4d6-4754-8d81-9e1f39471dfb%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[640,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1053cd16186dc2971ad9%22,%22transactionId%22:%22a0af1839-7d69-4793-98c0-f67707343871%22,%22sizes%22:[[300,250],[640,250]],%22bidId%22:%2236dd7a715508ed8%22,%22bidderRequestId%22:%2234bb865852ad796%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%221bc37e72-499a-4a34-8c41-e6aeca80a400%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22div-gpt-ad-614315f45f18840a44c3a980%22,%22transactionId%22:%2216b1c598-b93e-4b80-981e-0ddd6e9ae453%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%22375635bc8e6f42c%22,%22bidderRequestId%22:%2234bb865852ad796%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 11 Jun 2022 02:01:39 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 179ms
59ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0&cb=28322521784

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 Jun 2022 02:01:39 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.gismeteo.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST auction
rtb.adxpremium.services/openrtb2/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 172ms
65ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Sat, 11 Jun 2022 02:01:39 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 175ms
66ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22a59e8cd9-62fe-423b-93df-8dd46ab09227%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22dbbd2f8c-6d8c-420d-8684-0d7262939210%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2251acc54fc1d3e44%22,%22bidderRequestId%22:%22506612311dbb3af%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22992a8906-465c-43f3-94a7-f1925a5931d2%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[640,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1053cd16186dc2971ad9%22,%22transactionId%22:%22a0af1839-7d69-4793-98c0-f67707343871%22,%22sizes%22:[[300,250],[640,250]],%22bidId%22:%2252ce1c3a0996432%22,%22bidderRequestId%22:%22506612311dbb3af%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2272bd4b55-3db2-4cde-919a-6045c3eb9e9e%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22div-gpt-ad-614315f45f18840a44c3a980%22,%22transactionId%22:%2216b1c598-b93e-4b80-981e-0ddd6e9ae453%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%2253bc6cf5bd6b625%22,%22bidderRequestId%22:%22506612311dbb3af%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 11 Jun 2022 02:01:39 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 49 KB
14 KB 316ms
201ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

87fc01f413af52173fec76fe811c4bd311892b0edcdd647140ba24a43d8b9639

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 11 Jun 2022 02:01:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f955dd23-8751-46f9-9b0d-96280cb71dbc
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 10 KB
5 KB 333ms
162ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=657865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22584121e08348de9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gismeteo.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22945%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2259126a19a512511%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_top%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22608de575bd5d4a7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_top%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226174feffd6e3b85%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_640x250_middle%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22629e966ecf1b306%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_640x250_middle%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2263497eaf462c969%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22644f82f730d4bab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3aa3c414fbf645280a571908c0eb8cc984c8a17b69dcb8f9c77946bdffe3a8a0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.41], XFF:[]
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.gismeteo.ua
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4847
x-ak-client-geo: 27
expires: Sat, 11 Jun 2022 02:01:39 GMT

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 166ms
56ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer2%22,%22params%22:{%22zone%22:%228eeeb07c-14a6-4155-8645-280af7717e71%22},%22userId%22:{%22pubcid%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%2271dc457d-5fa6-4eaf-a454-df42a4587ef0%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22dbbd2f8c-6d8c-420d-8684-0d7262939210%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2266264d65fde5d72%22,%22bidderRequestId%22:%2265973d1523829c7%22,%22auctionId%22:%2219f6daeb-2e8b-4b90-984f-9ae86e8c7d5c%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 11 Jun 2022 02:01:39 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
911 B 235ms
65ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 15 B
488 B 291ms
121ms XHR
application/json 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwMTQ3NDUmdHJhbnNhY3Rpb25JZD1kYmJkMmY4Yy02ZDhjLTQyMGQtODY4NC0wZDcyNjI5MzkyMTA%3D&bWlkPTEwMTQ3NDYmdHJhbnNhY3Rpb25JZD1hMGFmMTgzOS03ZDY5LTQ3OTMtOThjMC1mNjc3MDczNDM4NzE%3D&bWlkPTEwMTQ3NjAmdHJhbnNhY3Rpb25JZD0xNmIxYzU5OC1iOTNlLTRiODAtOTgxZS0wZGRkNmU5YWU0NTM%3D&pt=gross&stid=19f6daeb-2e8b-4b90-984f-9ae86e8c7d5c&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjcxZGM0NTdkLTVmYTYtNGVhZi1hNDU0LWRmNDJhNDU4N2VmMCI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.gismeteo.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 226ms
55ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:38 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 222ms
51ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:38 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 230ms
59ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:38 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2

200

rexdot.js Show response
galt.hit.gemius.pl/__/_1654912899407/
Redirect Chain

https://galt.hit.gemius.pl/_1654912899407/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismete...
https://galt.hit.gemius.pl/__/_1654912899407/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gism...

167 B
424 B

152ms
151ms

Script
application/x-javascript

79.137.68.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/__/_1654912899407/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4FpxEDdnRNpArfRVC5.wTYvfLtrxoVBUtHf6SZ.K.EH.b7QGPxdOx28X4isfXJAfKnzfBGR9rwlonodqT25DOmSd1NJb/.2LjAmD0Se20E/&ltime=389&fpdata=Fux8AYlwZZafdXTdF6FHQ3Uc1cfxVXhJIA4X4qMG65H.q7&fpcap=
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Server: 79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx2.host.hit.gemius.pl
Software: GHC /
Resource Hash: 0259acad7fd5fad1252f13f559fe60004413ac8b0745e8846ab7fcbe523e5f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 167
expires: Fri, 10 Jun 2022 02:01:39 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1654912899407/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4FpxEDdnRNpArfRVC5.wTYvfLtrxoVBUtHf6SZ.K.EH.b7QGPxdOx28X4isfXJAfKnzfBGR9rwlonodqT25DOmSd1NJb/.2LjAmD0Se20E/&ltime=389&fpdata=Fux8AYlwZZafdXTdF6FHQ3Uc1cfxVXhJIA4X4qMG65H.q7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 10 Jun 2022 02:01:39 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 51ms
51ms XHR
text/plain 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gismeteo.ua&pubid=fb12f96a-c574-4c9c-aae0-d4c14e79bb3f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-76.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:23 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
server: Server
age: 19215
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gismeteo.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: OHyfk2nZgn9kXIIOsJnii2Vjcji7DUqweUsiKxuphXJtq7NIb3aF2Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 94ms
94ms XHR
text/javascript 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gismeteo.ua%2F&pid=PUWHWODvHbih0&cb=0&ws=1600x1200&v=8.0.1&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-60db1014cd16186dc2971ad8%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_300x250_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-60db1053cd16186dc2971ad9%22%2C%22s%22%3A%5B%22300x250%22%2C%22640x250%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_640x250_middle%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-614315f45f18840a44c3a980%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_300x250_bottom%22%7D%5D&pubid=fb12f96a-c574-4c9c-aae0-d4c14e79bb3f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.255.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-255-76.dus51.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:39 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: JJG687NG32GZYSD2F8GA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ggGVuQ8W6lphMvw3K35wUhwa9gos1jipjQtgIRo57HIIvRM_7rofbw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 169ms
52ms XHR
application/javascript 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-76.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 03:07:16 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 82464
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: JCxF2Ih0i-mRjLNOZyVnV6rdi75JGU7txg4IAPltZQXzM_bjtLenSA==

POST
H2 200 z Show response
s.znctrack.net/ Frame E4A5 102 B
451 B 90ms
90ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: b24620ee5ffb440f6f10cd17f6314de40f563becdd4f41c1cc230e0e1a270fb7

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 11 Jun 2022 02:01:39 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 63ms
61ms Ping
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 155ms
50ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 11 Jun 2022 02:01:39 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1990
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 checkmark.svg
static.gismeteo.st/assets/icons/ 169 B
824 B 170ms
170ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/icons/checkmark.svg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-fbb658579491ddd74270.bundle.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df94b012428d4a6fdae47f60cf86ffc6eb3e3d115ba5a3e71a287f78b35074db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: br
x-openstack-request-id: tx26bb8a9aab8e4113a2474-0061dee74f
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx26bb8a9aab8e4113a2474-0061dee74f
last-modified: Tue, 24 Aug 2021 10:01:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2C%2BbP%2B%2BqaLpRDUAJR6UdKRDLWY%2BKViY5pGqIX7trwllSGI5gtTGxFoPy%2FnmzXIv3zpyZ2EuqjOK%2Bwc1kdXURMthQynFFPOsj2%2BWRKoXZnW4SyOcZXOTwVi8KzpxCioJ%2FGDf3xoC%2FQrOjpZLS3E7lXlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-timestamp: 1629799287.96440
cache-control: max-age=5356800
cf-ray: 7196c2970f76f407-LHR

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc706da7708489e7e72f770c368ad6b362f7b8be58eb221699df21b97eb8fb80

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75d19b9bf5745d06ab4472468c07fd174802282448222f92bee9d8cc0319116b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 537 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a174b4bf00eb83e8211d8425b45e6785b1af25b1d7df7d731cafcb37dc580e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ Frame E4A5 176 KB
55 KB 144ms
144ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 11 Jun 2022 02:01:39 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:23:59 GMT
server: nginx
etag: W/"6282425f-2c101"
x-cached-since: 2022-06-11T01:59:17+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 16 May 2022 12:35:26 GMT

GET
H2 200 xgemius.js Show response
galt.hit.gemius.pl/ Frame E4A5 52 KB
14 KB 78ms
78ms Script
application/x-javascript 79.137.68.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/xgemius.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx2.host.hit.gemius.pl
Software: GHC /
Resource Hash: c8735027e366b7837606564a38c5672a7fada0e7351ec677406ab22ce622903b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14031
expires: Sat, 11 Jun 2022 14:01:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 181ms
64ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gismeteo.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 181ms
64ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gismeteo.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
25 KB 649ms
535ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3244404919920552&correlator=1481218351476963&eid=31067981%2C31065401%2C42531607&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=21802255954%2Cgismeteo.ua_640x250_middle%2Cgismeteo.ua_300x250_top%2Cgismeteo.ua_branding%2Cgismeteo.ua_300x250_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=640x250%7C300x250%2C300x250%7C300x600%2C1x1%2C300x250%7C300x600&ifi=1&adks=4166766577%2C2373899931%2C3626824864%2C3942581656&sfv=1-0-38&ecs=20220611&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26hb_size%3D300x250%26stpd_pb%3D0.04%26hb_adid%3D83df884cfff10de%26stpd_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%26hb_size%3D300x600%26stpd_pb%3D0.11%26hb_adid%3D82e0b6a1c04d2d2%26stpd_bidder%3Dix%7C%7Camznbid%3D2%26amznp%3D2%26hb_size%3D300x250%26stpd_pb%3D0.04%26hb_adid%3D8515f4a54dbe7d3%26stpd_bidder%3Dix&eri=1&cust_params=g_temp%3D10-15%26g_lang%3Dru%26g_page%3Dindex%26g_city%3D2433%26g_country%3D51%26g_region%3D614%26g_weather%3Dsun%26hb_rf%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654912900184&lmt=1654912900&dlt=1654912898643&idt=631&biw=1600&bih=1200&adxs=310%2C990%2C-12245933%2C-9&adys=1038%2C275%2C-12245933%2C-9&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.gismeteo.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=660x270%7C320x270%7C0x0%7C0x-1&msz=640x0%7C300x0%7C0x0%7C0x-1&fws=4%2C4%2C132%2C2&ohw=660%2C320%2C0%2C0&ga_vid=1775871208.1654912899&ga_sid=1654912900&ga_hid=1772506746&ga_fc=true&btvi=0%7C0%7C-1%7C-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b2074b177a160ab4cf6097cbc5af280481dd65c6c6e83501896e3482622e6fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25544
x-xss-protection: 0
google-lineitem-id: 5691258419,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349314660,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 189ms
77ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed98eb226484ada005003472dd1de115845db8f1aa403bce45174adab2ee6119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10654
x-xss-protection: 0

GET
H2 200 container.html Show response
5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B3D6 6 KB
4 KB 229ms
62ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Jun 2022 02:01:40 GMT
expires: Sun, 11 Jun 2023 02:01:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 193ms
64ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jun 2022 02:01:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 189ms
68ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Jun 2022 02:01:40 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A63B 15 KB
6 KB 59ms
59ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gismeteo.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Jun 2022 02:01:39 GMT
server-processing-duration-in-ticks: 3621
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 250ms
124ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jun 2022 02:01:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7EA4 13 KB
5 KB 165ms
54ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 50115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 12:06:25 GMT
expires: Sat, 10 Jun 2023 12:06:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FED9 783 B
1 KB 179ms
63ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

081dfc4bb2b866c85e9abb8d6cb1a93b0120fb7f1be36eba0c54132750644cf3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XY6-hR9NUIeRdadCTchpxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-XY6-hR9NUIeRdadCTchpxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Jun 2022 02:01:40 GMT
expires: Sat, 11 Jun 2022 02:01:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame A63B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=gismeteo.ua&sn=ChromeSyncframe&so=3&topUrl=www.gismeteo.ua&bundle=YZoO-V80cXhWZVhsVnFuRnBvRlFvb1U1MG1wcXVKVEZIMlJGYXAxZHVDRVM4T1ZJMW4lMkZp...
https://mug.criteo.com/sid?cpp=INwHinxTR0JlYkIwRzFiS0thNlZFRDhNYkNaV3k3bGZsT00vRUFaZ0lRNUNTaWsvOGlaMlJXNnR2VWVxRktreDhrSVgyODJVR3IzcDhlbE9uK0hzZDR3ajlGMVZqN084d3J6L0Z3VVdpWGZuQVdPNWlWUDM4dS9pa3VwU2...

427 B
627 B

62ms
61ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=INwHinxTR0JlYkIwRzFiS0thNlZFRDhNYkNaV3k3bGZsT00vRUFaZ0lRNUNTaWsvOGlaMlJXNnR2VWVxRktreDhrSVgyODJVR3IzcDhlbE9uK0hzZDR3ajlGMVZqN084d3J6L0Z3VVdpWGZuQVdPNWlWUDM4dS9pa3VwU254VVZjNXNVL1N3T1kwNVNETHl4SDVwVzhXVS8rK1NFSzRxSGFZMjRVNFpmQmx3MFBsWTFpTjY0ai9JSkd0MzJCZXZwck1kcGxjeTJpZ3duWVdLaEJxUENNdlI4c3JDVWI4S285d2JxZ2pGT0p0VHk1NzcxVjRWcXBzWjdndFhkbmE4TXp1Nk0wRmowL1BMVld5TmE1RlMrQjZNemJLQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

43bdaee4d4968f586e2b0085ade4b3fe09fd1e24b6108c1043a1b25dbb513463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:40 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6728
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:40 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=INwHinxTR0JlYkIwRzFiS0thNlZFRDhNYkNaV3k3bGZsT00vRUFaZ0lRNUNTaWsvOGlaMlJXNnR2VWVxRktreDhrSVgyODJVR3IzcDhlbE9uK0hzZDR3ajlGMVZqN084d3J6L0Z3VVdpWGZuQVdPNWlWUDM4dS9pa3VwU254VVZjNXNVL1N3T1kwNVNETHl4SDVwVzhXVS8rK1NFSzRxSGFZMjRVNFpmQmx3MFBsWTFpTjY0ai9JSkd0MzJCZXZwck1kcGxjeTJpZ3duWVdLaEJxUENNdlI4c3JDVWI4S285d2JxZ2pGT0p0VHk1NzcxVjRWcXBzWjdndFhkbmE4TXp1Nk0wRmowL1BMVld5TmE1RlMrQjZNemJLQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1579
content-length: 541
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FED9 0
0 236ms
118ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060801&jk=3244404919920552&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EA4 36 KB
14 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Jun 2023 11:25:22 GMT

GET
H3 200 container.html Show response
5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4291 6 KB
3 KB 166ms
56ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Jun 2022 02:01:40 GMT
expires: Sun, 11 Jun 2023 02:01:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 36AD 6 KB
3 KB 161ms
59ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Jun 2022 02:01:40 GMT
expires: Sun, 11 Jun 2023 02:01:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9DA3 624 B
974 B 203ms
65ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLv2tssBMAE&v=APEucNV8U83vFAKTTh9qKs5-FLEDE_2xcVHRfw7QYEiuJz0ogFN3b999OBGDL9tGQ_jbjOIz0WJh07TYbpTPGdeuIKmXmODYeQrt9qvZOXBLDK2aJ_zJyvBgvj6FR5nh84TplmO2F2hY1NbumaQpKkCPCc-ipmsxAJYvJKDo-V9wNfcjqOscmdY

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Jun 2022 02:01:41 GMT
expires: Sat, 11 Jun 2022 02:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4291 27 KB
16 KB 222ms
89ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqBcE6NuhTQQhi7R6Xmah05NfJtiriE-w59Dv_aflx2AGCojSsF8DPa_AxskFzwxefTR_3tV9TA58ruf4QktgjTQAyRjQEo7Y_KSdLpRS4Nxa2ga2GXwQrqgqjmPolvEdrlgf3a-H4BoF1jXRrxKxxyPmZSA&cry=1&dbm_d=AKAmf-AX5NFHksOLKWw5sVfbxIO-X12rHoo-ULSHuhRuyV9i5lfy9o8SPo2fIBA0j9OvCZj3pGMno4c69B1eZtrOBGTycen9QeERaZudnwMMk0cn52fT3Q1YRZB1eAmQuEy4uwqtlXNgmB6g5WCUq1isfCSRYfUepL_WXZhfhN7_h4wj3AZZl7EM7d1JeNk_HgpFYQQE8VD3O-T94cQu7kLhobRFCmrtIm9jnD2MfdXX4cS1MxT1queVz_iJ3-0WnCLICvQO4OEXKOtzrbGfdfLGBa2xXM3gqwORpTbQOBtaghir4nWRX1McjUzHCqWVOlhoptQ9pNOlQekGcFDbrux9RZtfjpnP-wyRb3UYugynEklADWfbCxSgcFj3tLu1skufJ_cUZLu_ttngXANUSuWtKQoUCxDq_r6J-1kNwgK9IyhiAtuf28Lu5bZ7JG6cuGiO2n__dighammY_Ac3HLyz5HDuq0bTnRw30wyK-LGlPilVEXirbOl06rZ6gEqrTP1J_lnr1vK89R-41IM2REEAyXwK3z5rNJ-v-sQ9ner4JlxcYyShqQSzXUvlt2lZGzpi-nX3U4P0pxE3wqIN7apfGCcDlPgijwVMk1MdOh86oY_uAH5W1TDP1ABzAq0Z63yYvr-4XI7HrJCuhGz8aATdMuk4s3b-omfotecs99OA-pgoQWKmu5hnkyCk5-G4TlqBOvFY3U84kQgpC-WUueUXfGITusZrEw5qoEAhRjpiD6HrLiJuSMV12PNPQosS7f9y0bRBYq8XYD-YWnjT4kc59qYEqUIF41c3NqIIGU7NmXciaWFkhr1JWpuGa_4zlVcKwr5JKqYGrgkAR_B5LCeWiLqPBMiNk51akdAlLWRivO4nPZkwPfE2SifWoC8z0D_xFed45mNfuJl1Aeyn8E9UvkozsnvNw7Aty3w51zIQPEenP27Jmd8wUknSevqxmlqvvbtT9RvCvYWMPEUOk-EIFw4lhbEx2fv_ibQiPTpxZfKlsDgWDwVaT6mnxYMigAb9RIAGhoXj1jVfKZ9luwR8bCHoJSBPuAJJ3EhFgKIMuvSYsY3L_jNu8GK-nvIaoAMQTeL44i_dgFRF-Gyx5Nkn_jrz6YqH6Rzp54ou20nzy5tjrUyBThbCUw5QB3NuQKu2kk9o-uOGSI_1DkBk4B62Y5sYofD5PuFxSDQk6VYiEPwPn8TH2fwxSa3Wb-PXOgorZlLpsJD-cJF4o6eZU4uLISnWgCAHdsY6WG35gxCCiPBoJcs5mgnRlK2D8LURAyAzEfbp_gmgJzhcH04wF9jQEFkexhim4itahgfb-aS7JomgqEgJKTIhSDLqLh_WsSUnPQ2r3Tq0WYiNrwccCDG9-CXJ7zDfDb-tsxdQonUiVxlxPNHCHcqrMrtzL9XwMRaa4gOjQVwpbayrzE7cTwn8o851wfGmtBL-jUn30qMCam5w9LR2BkpdWEQKbny2t8Hwu53Btpd722VhtqzYSo0mJ-cBmTxGzrxrkZBGibV_npKRi4Khzxbgw42N9znP1aphIMj7-IAhoCqM253DvL_UUoNb91qoLZZ_3hyh00N7gM1BM0zyUASwzwYRS7XWGYOjwsEwkMZgEOSCh7pDJ5Sm1-6EoyYQckGJe_wTDo-oFLmAvVo9tqlLWgCJ-3siWEo2KxkGaq6xhVrCkyczWHCujujwJAS6XmDQ_4js-IOQZomHTPjfY2SrzCl6vfQCPqe8wDW4ZVIurVgnfxgkcekIz1gzq1kzWXUeYaJlCvSYoFbAYa1sLNT7ehjnV6WUKOqBqnhcQgiQdUWRhDt8aJkVfLcAhWb9geP0ov8d8ku56ItJYQGt0RgOmiRudekziCZlS9z8Gz1dV4oNUJcCSWFXnVTDn_b5iBjeVzc_aVOeKTBDfi0xFXTmS37DgRGbX3IVavKa72-szFX4nPxE0pnzF8OCSGHGndq7ecGVqmlUE37kYfl2Ut3HeEGPg5H5sScVVRaokPsiOb8kLr88zOoiAo28zBIQoznyh7PIyMHsY701LYwZ-HZLzuPQrpB02eEerxvijXDjS_GrED2l5gP9tSQLsW9W-PdhrUTuqqOYXtUXKeuzVDWMESJtVAmi2HqfY0ZiqTwmvLlF-Lf0a-fbunWktDhQIHUIeWaY04RVH2uffFOMYtYu1o3DC2tLuAqy1rmQThsJTL-gaN1rGGFqvHtMImK5g_E7MlskYPEtTnBNPKVub6FUHJ822qshpqc-XA3dyuAlJboGqDeGmQKv-sE7grJPNhe0z5xJQmJzgKfkcs954ldhwRnJVZO7mhIcujmwMorT5PtqFDZGRQAyEggG08RLZ6WDWp5jL_FVDzto3iAlqgQn9g-Vnze32i7e5jZO34-6-_fwI1xVDqjDLxSnGM9DoT_zScKJlQX7WJs1RhvPMz5FV-5pEmS61tYido2A26p4wAISD-kaIuVs2T-KPQfjepWgt0xzOIOoGVJ9VGDnuGjjEGDJrnZ-occcICsAxFz2ckcQVnWnUSsQ-cK82Z-s-cR-tD6r9aF0xEm4bmLvQDF-qDSBhxRun1Gfam-x7OA5hTpStXtuk6uYqoatOvoc9g_kEcXu7G9T8jXQ92YOn_6AOT1q8Ml-Ez_l_YCZ0JhPOhqECk6C1q_-d1G_g0H7mghr1gKpWyCNJ-f2vM7jqyIVDSa-iFmaXRiw78q76qTXfYV6xd-ZG-Rq_eo8UGDwtxdZJWS8uQw_qouhFsf8mrzvCL-HL-URVCvNQP4MFZLzpwLLHP53zy826BiE8AVHiwS5hfH9IH_RbIxiUTeghs9sHhy6ek7ZLctI1rIp_-pYoGYnCmzpunNAnMx9T_5E0como1ZRCVTETvH-UFfkk42ON_TTvZW5gsEc2sW3Q-ExMZJWpOB0ndsmqfbWHZzzWekh5oeq-ddgYvjME3boi2yAh2XVbzvkmuh37hqdxJmD7q1YftP1ZvmiayT0Pb0RsRtl6R1Hzjx9mXQzORdj5yuZrH34O1YW9FBCVOORQ_B7NGpK3G1KH37WBI8IqzIolXrdAJ8VeJlpilJB71yS1w21ogZ2olsbmJXrdHp9PUpecCV4gyIH08J3aPT5_7aQwWiw0faEUSGBOSs8ORMy3U3-gjcmjBtFlW1kO6QgM9280ej8WmpTE48qt6sFq3QkEqfP7oVP0rq6-k7dzn23yPKllUVFzuRgLcz1pAwFnLDGQY5tQ3qhBIopsW-NGC6ztWxQ8u0yiHIoAlYImb0dnjFpwKWrnMG1TphLnMjAMzp6&cid=CAASKORokUqeQgWuml5UsSxidmBdmNNlK3KM3QFVMkzG9hqGRQs-TxlkrqU&rfl=1%2Chttps%253A%252F%252Fwww.gismeteo.ua%252F%240

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47cc855588f7599b8301e9783b76d5e3efe7cb9c69816443d9760e36032c99f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16433
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4291 42 B
63 B 88ms
88ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CdTy9exxqg2f9PQZ-VsTxlhQidqlCgabmlRAa2PSzebiASAcP8H-jNYcwS_WorfPE6jcJ8640sEHYA6vCahewbz4t0PifQfEttX5FtP_i4C9HoBa0

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 4291 12 KB
5 KB 229ms
67ms Script
text/html 18.185.225.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCq4QfhPejYouuF5X13gP_hpi4D8Plq6dqlOay_s4Ptrye27ouEAEgj8G1BmCVAsgBCagDAaoE7QFP0IpOx0fL37vNq6kvSXiPFZQm9ccOfEMrkgjh0tyB3Dp75YOQYW7HhUo-aisUNSTv8fMvhyMRjvGyx6njICMTvRRK9nfkqm9Sjp-YcIPuN1E25YFHPyNLnE1LL5ItfkewrD9RVKAIqQH4lo6-nMH9aO8mvmN4CCK1zq5K-9CcrFI5GAK0nZFR6ASms63WPqbBGOAejBugjlLT1okV3jGyTwlYgJNR1YrWIZNmVkQzy_SVLJs2qe5F2FLf43-AJit_5Q3-vZ9qExwfFv0lxS2vMMm7CA9BQtVX3ZjTzXLwlNFq7FHR2_CwrwarsSzABMuLy8iBBOAEA5AGAaAGTYAHvO762gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE_DEpg_QEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORokUqeQgWuml5UsSxidmBdmNNlK3KM3QFVMkzG9hqGRQs-TxlkrqU%26sig%3DAOD64_2sc-06zUc3fwi5pn5FklGraudckQ%26client%3Dca-pub-0511822087518170%26dbm_c%3DAKAmf-AK5BojK1a_VAoUqlOPfRPVvpfxR0BgihwsFK7iC8ZePRyYhZOD1rQGtJ_TvKXzvEaafOaRuT1AvsPcHKL13xNy-tu_xFiwdDEVfNo6LS6N6OvAQnUTRuDcqPDPIEP_QgB6IO0OAK0LfbfFlY_EIG1ikEoQtw%26cry%3D1%26dbm_d%3DAKAmf-ArsRZUbJnFE9dCmNzQePP00mbkci6z6fAXbvo66aJGz0Uxna9GWtIFgrnZun1MpBYm6B1-nrT9sZbyLp1kW5njiD99nSYrIHPdnYvbIAOmnNpgd943IVyT7eooWzPbKo2U_sDj3-CXc3piqT1V93gRjWqTrp4njMfGJs4ezdlFsAM0ItJagSxwG1xGwvwvg4phHXBXTkm3E-YTG_TBOqWAMH90bNx2ucps-IiGczVk75XLE4yseOBdKVlZHzrReWRR3WdUHtovAFmnW-6BrQP9zztWYc-F3zHCgwvWSLwULk2U0HrRFm2UaJsxzhkh3zQrRq6Z7eXaM8ei5SXLZEmf_uTbUuTtR5TmAOu_9wxL3_c0FAUihPOEoolz0aC0Jg4jt0rQF1Uug-R0yuNLzyzyHyhcoenhmLwYEJ2BQ-KSJwqEQRQHwl_ejWgmm5hcCxGbLOcM-haLZQFPKia1p0qnwYCL3w%26adurl%3D$$&c=28&cn=display&pli=1078023217&gdpr=&gdpr_consent=&w=300&h=600&ord=[timestamp]&pcp=$$ABAjH0iOqlwSSrwu5zSLj9_by08h$$&z=10000
Requested by: Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.225.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-225-109.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1f7c1b39c57d258542d3bd876e1213b92f0ad1aac344325811c52a5d8030b0f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 5158
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 4291 3 KB
1 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Jun 2022 01:50:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4291 138 KB
42 KB 236ms
109ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43429
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654688687962514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Jun 2022 02:01:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 4291 17 KB
7 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Jun 2022 01:15:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4291 0
0 192ms
62ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRESf8rxxhuVtGwDyFstB3IjjdVV5sB4YD14DiBl-wUPvHMdRFMH3OKbptSAb5PrX7FBOhGStDoi_a-w1Uu3wfHPD0s6g
Requested by: Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 36AD 22 KB
7 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 09:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Jun 2023 09:05:38 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 36AD 26 KB
10 KB 165ms
52ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 8874
age: 14362
x-jsd-version: 1.13.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA, cache-lcy19274-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCOUiCYhZ6QS75xZTmTMoT%2B9uaU1dKaPknMIDIQ%2BXEtEqhG%2BEzHWotS0aFuNlopzf50xItJn%2BQCwigcb9N%2FECkllNDkWdVza1zRjvYzUxi7i4RST6eL%2FqLHmErIrtoFlNAJWjSuW475XS3dOhJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7196c2a0cc3b771f-LHR

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36AD 138 KB
42 KB 188ms
64ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43429
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654688687962514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Jun 2022 02:01:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7EA4 0
9 B 62ms
61ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2XwwsQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36AD 0
0 90ms
90ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspLKYsB2nNGFUN3KRHZ-zMPZu89sV3SykEXBCEoLItLrHEAsqHXfB15Hl5BPnkEVFw5dpdfKBCmEfig232ZT0uzp9F-8eovsU5HYMzcewKuXZBIb7_c5E2PURMt2McJ5EvXXxz_2SHkM5AD8dDs4FWPBKM953yjWp-rou4crM_tG_yY5ROw5K2ElPhQyvPtgTPiSJUnpcHrnVMHbVV-tZ50tdXGKGK-aMVozAsU0nRgh8y3xEtYJr1rk2sydbmD01iYaJ91czM4qa5h9i89dhN2768n8ezJXg6woZm5rb2yKowGqH0aLACSssY13qTNF31L7P_Ig-qtQ&sai=AMfl-YQgXjp-ApxEBigmG6u-vhFj_Wt9li2cczz36SkK2VgEiendRo_btbYzCXDlbB0WHVrF6n0I2NHMHv1OB1yE0rDve2GQRPM3l1vurAt-b6PllraibrhEfkS08Xd4PRbH&sig=Cg0ArKJSzDMZ5VwIJBSBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Jun 2022 02:01:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 11 Jun 2022 02:01:41 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
209 B 181ms
56ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 150D 990 B
1 KB 78ms
71ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=53721677;rtbwp=YqP3gwAAAAAchV9-6mG4i5mUJOsXemcdtWfXqw;rtbdata=JmhGGE0Ooy7I9wOETxpk9lEcWTdOKYur_y0Nou98SZfa5BCWavj4dZHHIt_QevMBdfbojnNZZ6GaPfz2Qmbpt2qTc8OahAQ1IseY1-U8wWbY6i7uwaCs7vFf-JTM6PlgzR4XggVonSieOc9W-kq8RQFOev4XgMjzD5dxNk7BqWvw9zoghF0MbdgC99gnsFy0ogi9vbTjejOxOfeC2nnFAfSqKVElJpMe4UFuhV40q881

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

89673d78755b341ffdcbed35fabefb9218cf5658710f5f4300ccd2c3b1f9e8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 841
expires: -1

GET
H/1.1 200
OK v1
a4485.casalemedia.com/impression/ Frame 150D 43 B
303 B 174ms
55ms Image
image/gif 185.170.63.77
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4485.casalemedia.com/impression/v1?bidID=9e3d571a-435c-4172-afea-eead76d2e45a&traceID=cahvf0svh0n9htelenqg&dspID=111&userID=&cmpro=0&deviceType=2&expiryTime=1654913499&ap=0.04&siteID=657865&creativeID=1e95ae9&pubID=186102&format=banner&channel=site
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.63.77 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:41 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9DA3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1&C=1

43 B
1014 B

81ms
81ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLv2tssBMAE&v=APEucNV8U83vFAKTTh9qKs5-FLEDE_2xcVHRfw7QYEiuJz0ogFN3b999OBGDL9tGQ_jbjOIz0WJh07TYbpTPGdeuIKmXmODYeQrt9qvZOXBLDK2aJ_zJyvBgvj6FR5nh84TplmO2F2hY1NbumaQpKkCPCc-ipmsxAJYvJKDo-V9wNfcjqOscmdY
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Jun 2022 02:01:41 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 11 Jun 2022 02:01:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9DA3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqP3hVFavOmoXqvRCd3RywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1

43 B
894 B

67ms
67ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLv2tssBMAE&v=APEucNV8U83vFAKTTh9qKs5-FLEDE_2xcVHRfw7QYEiuJz0ogFN3b999OBGDL9tGQ_jbjOIz0WJh07TYbpTPGdeuIKmXmODYeQrt9qvZOXBLDK2aJ_zJyvBgvj6FR5nh84TplmO2F2hY1NbumaQpKkCPCc-ipmsxAJYvJKDo-V9wNfcjqOscmdY
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Jun 2022 02:01:41 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIeGHAGwCXtd5yoinXrAL0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9DA3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-iC_z-HPJPG44--ATL9ew&google_cver=1

43 B
1016 B

54ms
53ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN-iC_z-HPJPG44--ATL9ew&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLv2tssBMAE&v=APEucNV8U83vFAKTTh9qKs5-FLEDE_2xcVHRfw7QYEiuJz0ogFN3b999OBGDL9tGQ_jbjOIz0WJh07TYbpTPGdeuIKmXmODYeQrt9qvZOXBLDK2aJ_zJyvBgvj6FR5nh84TplmO2F2hY1NbumaQpKkCPCc-ipmsxAJYvJKDo-V9wNfcjqOscmdY

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:41 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4d50bb20-205e-48c3-a8f0-cea56dfba88c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN-iC_z-HPJPG44--ATL9ew&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9DA3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwNzY2MjE3OTAzNDcxOTEyNQ%3D%3D

170 B
243 B

103ms
64ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwNzY2MjE3OTAzNDcxOTEyNQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:41 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 201e17a8-e48c-4fc7-b410-c59c1c870ff2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwNzY2MjE3OTAzNDcxOTEyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame 4291 27 KB
10 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqBcE6NuhTQQhi7R6Xmah05NfJtiriE-w59Dv_aflx2AGCojSsF8DPa_AxskFzwxefTR_3tV9TA58ruf4QktgjTQAyRjQEo7Y_KSdLpRS4Nxa2ga2GXwQrqgqjmPolvEdrlgf3a-H4BoF1jXRrxKxxyPmZSA&cry=1&dbm_d=AKAmf-AX5NFHksOLKWw5sVfbxIO-X12rHoo-ULSHuhRuyV9i5lfy9o8SPo2fIBA0j9OvCZj3pGMno4c69B1eZtrOBGTycen9QeERaZudnwMMk0cn52fT3Q1YRZB1eAmQuEy4uwqtlXNgmB6g5WCUq1isfCSRYfUepL_WXZhfhN7_h4wj3AZZl7EM7d1JeNk_HgpFYQQE8VD3O-T94cQu7kLhobRFCmrtIm9jnD2MfdXX4cS1MxT1queVz_iJ3-0WnCLICvQO4OEXKOtzrbGfdfLGBa2xXM3gqwORpTbQOBtaghir4nWRX1McjUzHCqWVOlhoptQ9pNOlQekGcFDbrux9RZtfjpnP-wyRb3UYugynEklADWfbCxSgcFj3tLu1skufJ_cUZLu_ttngXANUSuWtKQoUCxDq_r6J-1kNwgK9IyhiAtuf28Lu5bZ7JG6cuGiO2n__dighammY_Ac3HLyz5HDuq0bTnRw30wyK-LGlPilVEXirbOl06rZ6gEqrTP1J_lnr1vK89R-41IM2REEAyXwK3z5rNJ-v-sQ9ner4JlxcYyShqQSzXUvlt2lZGzpi-nX3U4P0pxE3wqIN7apfGCcDlPgijwVMk1MdOh86oY_uAH5W1TDP1ABzAq0Z63yYvr-4XI7HrJCuhGz8aATdMuk4s3b-omfotecs99OA-pgoQWKmu5hnkyCk5-G4TlqBOvFY3U84kQgpC-WUueUXfGITusZrEw5qoEAhRjpiD6HrLiJuSMV12PNPQosS7f9y0bRBYq8XYD-YWnjT4kc59qYEqUIF41c3NqIIGU7NmXciaWFkhr1JWpuGa_4zlVcKwr5JKqYGrgkAR_B5LCeWiLqPBMiNk51akdAlLWRivO4nPZkwPfE2SifWoC8z0D_xFed45mNfuJl1Aeyn8E9UvkozsnvNw7Aty3w51zIQPEenP27Jmd8wUknSevqxmlqvvbtT9RvCvYWMPEUOk-EIFw4lhbEx2fv_ibQiPTpxZfKlsDgWDwVaT6mnxYMigAb9RIAGhoXj1jVfKZ9luwR8bCHoJSBPuAJJ3EhFgKIMuvSYsY3L_jNu8GK-nvIaoAMQTeL44i_dgFRF-Gyx5Nkn_jrz6YqH6Rzp54ou20nzy5tjrUyBThbCUw5QB3NuQKu2kk9o-uOGSI_1DkBk4B62Y5sYofD5PuFxSDQk6VYiEPwPn8TH2fwxSa3Wb-PXOgorZlLpsJD-cJF4o6eZU4uLISnWgCAHdsY6WG35gxCCiPBoJcs5mgnRlK2D8LURAyAzEfbp_gmgJzhcH04wF9jQEFkexhim4itahgfb-aS7JomgqEgJKTIhSDLqLh_WsSUnPQ2r3Tq0WYiNrwccCDG9-CXJ7zDfDb-tsxdQonUiVxlxPNHCHcqrMrtzL9XwMRaa4gOjQVwpbayrzE7cTwn8o851wfGmtBL-jUn30qMCam5w9LR2BkpdWEQKbny2t8Hwu53Btpd722VhtqzYSo0mJ-cBmTxGzrxrkZBGibV_npKRi4Khzxbgw42N9znP1aphIMj7-IAhoCqM253DvL_UUoNb91qoLZZ_3hyh00N7gM1BM0zyUASwzwYRS7XWGYOjwsEwkMZgEOSCh7pDJ5Sm1-6EoyYQckGJe_wTDo-oFLmAvVo9tqlLWgCJ-3siWEo2KxkGaq6xhVrCkyczWHCujujwJAS6XmDQ_4js-IOQZomHTPjfY2SrzCl6vfQCPqe8wDW4ZVIurVgnfxgkcekIz1gzq1kzWXUeYaJlCvSYoFbAYa1sLNT7ehjnV6WUKOqBqnhcQgiQdUWRhDt8aJkVfLcAhWb9geP0ov8d8ku56ItJYQGt0RgOmiRudekziCZlS9z8Gz1dV4oNUJcCSWFXnVTDn_b5iBjeVzc_aVOeKTBDfi0xFXTmS37DgRGbX3IVavKa72-szFX4nPxE0pnzF8OCSGHGndq7ecGVqmlUE37kYfl2Ut3HeEGPg5H5sScVVRaokPsiOb8kLr88zOoiAo28zBIQoznyh7PIyMHsY701LYwZ-HZLzuPQrpB02eEerxvijXDjS_GrED2l5gP9tSQLsW9W-PdhrUTuqqOYXtUXKeuzVDWMESJtVAmi2HqfY0ZiqTwmvLlF-Lf0a-fbunWktDhQIHUIeWaY04RVH2uffFOMYtYu1o3DC2tLuAqy1rmQThsJTL-gaN1rGGFqvHtMImK5g_E7MlskYPEtTnBNPKVub6FUHJ822qshpqc-XA3dyuAlJboGqDeGmQKv-sE7grJPNhe0z5xJQmJzgKfkcs954ldhwRnJVZO7mhIcujmwMorT5PtqFDZGRQAyEggG08RLZ6WDWp5jL_FVDzto3iAlqgQn9g-Vnze32i7e5jZO34-6-_fwI1xVDqjDLxSnGM9DoT_zScKJlQX7WJs1RhvPMz5FV-5pEmS61tYido2A26p4wAISD-kaIuVs2T-KPQfjepWgt0xzOIOoGVJ9VGDnuGjjEGDJrnZ-occcICsAxFz2ckcQVnWnUSsQ-cK82Z-s-cR-tD6r9aF0xEm4bmLvQDF-qDSBhxRun1Gfam-x7OA5hTpStXtuk6uYqoatOvoc9g_kEcXu7G9T8jXQ92YOn_6AOT1q8Ml-Ez_l_YCZ0JhPOhqECk6C1q_-d1G_g0H7mghr1gKpWyCNJ-f2vM7jqyIVDSa-iFmaXRiw78q76qTXfYV6xd-ZG-Rq_eo8UGDwtxdZJWS8uQw_qouhFsf8mrzvCL-HL-URVCvNQP4MFZLzpwLLHP53zy826BiE8AVHiwS5hfH9IH_RbIxiUTeghs9sHhy6ek7ZLctI1rIp_-pYoGYnCmzpunNAnMx9T_5E0como1ZRCVTETvH-UFfkk42ON_TTvZW5gsEc2sW3Q-ExMZJWpOB0ndsmqfbWHZzzWekh5oeq-ddgYvjME3boi2yAh2XVbzvkmuh37hqdxJmD7q1YftP1ZvmiayT0Pb0RsRtl6R1Hzjx9mXQzORdj5yuZrH34O1YW9FBCVOORQ_B7NGpK3G1KH37WBI8IqzIolXrdAJ8VeJlpilJB71yS1w21ogZ2olsbmJXrdHp9PUpecCV4gyIH08J3aPT5_7aQwWiw0faEUSGBOSs8ORMy3U3-gjcmjBtFlW1kO6QgM9280ej8WmpTE48qt6sFq3QkEqfP7oVP0rq6-k7dzn23yPKllUVFzuRgLcz1pAwFnLDGQY5tQ3qhBIopsW-NGC6ztWxQ8u0yiHIoAlYImb0dnjFpwKWrnMG1TphLnMjAMzp6&cid=CAASKORokUqeQgWuml5UsSxidmBdmNNlK3KM3QFVMkzG9hqGRQs-TxlkrqU&rfl=1%2Chttps%253A%252F%252Fwww.gismeteo.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
server: cafe
etag: 12800787445863738695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Jun 2022 01:58:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4291 41 KB
15 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 150D 33 KB
16 KB 324ms
138ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53721677;rtbwp=YqP3gwAAAAAchV9-6mG4i5mUJOsXemcdtWfXqw;rtbdata=JmhGGE0Ooy7I9wOETxpk9lEcWTdOKYur_y0Nou98SZfa5BCWavj4dZHHIt_QevMBdfbojnNZZ6GaPfz2Qmbpt2qTc8OahAQ1IseY1-U8wWbY6i7uwaCs7vFf-JTM6PlgzR4XggVonSieOc9W-kq8RQFOev4XgMjzD5dxNk7BqWvw9zoghF0MbdgC99gnsFy0ogi9vbTjejOxOfeC2nnFAfSqKVElJpMe4UFuhV40q881
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6432ec4ed5666c89f540968f6fe64c4d21a82a976b9008d64a64b335c781b68b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 14:08:59 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 12 Jun 2022 05:30:45 GMT

GET
DATA 200
OK truncated
/ Frame 36AD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7347d769f2eaa66b188bdea69e3de440e289d51769d5b0af2c08640d45b80d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ebStdBanner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ Frame 4291 218 KB
63 KB 208ms
54ms Script
application/javascript 193.108.153.28
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCq4QfhPejYouuF5X13gP_hpi4D8Plq6dqlOay_s4Ptrye27ouEAEgj8G1BmCVAsgBCagDAaoE7QFP0IpOx0fL37vNq6kvSXiPFZQm9ccOfEMrkgjh0tyB3Dp75YOQYW7HhUo-aisUNSTv8fMvhyMRjvGyx6njICMTvRRK9nfkqm9Sjp-YcIPuN1E25YFHPyNLnE1LL5ItfkewrD9RVKAIqQH4lo6-nMH9aO8mvmN4CCK1zq5K-9CcrFI5GAK0nZFR6ASms63WPqbBGOAejBugjlLT1okV3jGyTwlYgJNR1YrWIZNmVkQzy_SVLJs2qe5F2FLf43-AJit_5Q3-vZ9qExwfFv0lxS2vMMm7CA9BQtVX3ZjTzXLwlNFq7FHR2_CwrwarsSzABMuLy8iBBOAEA5AGAaAGTYAHvO762gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE_DEpg_QEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORokUqeQgWuml5UsSxidmBdmNNlK3KM3QFVMkzG9hqGRQs-TxlkrqU%26sig%3DAOD64_2sc-06zUc3fwi5pn5FklGraudckQ%26client%3Dca-pub-0511822087518170%26dbm_c%3DAKAmf-AK5BojK1a_VAoUqlOPfRPVvpfxR0BgihwsFK7iC8ZePRyYhZOD1rQGtJ_TvKXzvEaafOaRuT1AvsPcHKL13xNy-tu_xFiwdDEVfNo6LS6N6OvAQnUTRuDcqPDPIEP_QgB6IO0OAK0LfbfFlY_EIG1ikEoQtw%26cry%3D1%26dbm_d%3DAKAmf-ArsRZUbJnFE9dCmNzQePP00mbkci6z6fAXbvo66aJGz0Uxna9GWtIFgrnZun1MpBYm6B1-nrT9sZbyLp1kW5njiD99nSYrIHPdnYvbIAOmnNpgd943IVyT7eooWzPbKo2U_sDj3-CXc3piqT1V93gRjWqTrp4njMfGJs4ezdlFsAM0ItJagSxwG1xGwvwvg4phHXBXTkm3E-YTG_TBOqWAMH90bNx2ucps-IiGczVk75XLE4yseOBdKVlZHzrReWRR3WdUHtovAFmnW-6BrQP9zztWYc-F3zHCgwvWSLwULk2U0HrRFm2UaJsxzhkh3zQrRq6Z7eXaM8ei5SXLZEmf_uTbUuTtR5TmAOu_9wxL3_c0FAUihPOEoolz0aC0Jg4jt0rQF1Uug-R0yuNLzyzyHyhcoenhmLwYEJ2BQ-KSJwqEQRQHwl_ejWgmm5hcCxGbLOcM-haLZQFPKia1p0qnwYCL3w%26adurl%3D$$&c=28&cn=display&pli=1078023217&gdpr=&gdpr_consent=&w=300&h=600&ord=[timestamp]&pcp=$$ABAjH0iOqlwSSrwu5zSLj9_by08h$$&z=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cd3901ec47f7973dde7eb9ff3cae27bd49cf8a3ee751db2af0d1a49a7e239cda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: W/"b43168f6a7292751e77fa865476ff920"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=567817
accept-ranges: bytes
content-length: 63902
x-amz-cf-id: NvamqRsYM_udoehH1iKyiAC2qk4-eAToWaud7IsMf2DDcTL4Kqyhvg==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5B8C 22 KB
8 KB 55ms
54ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 51617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4291 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b8e86c39020b6424e9b4393a40dd67d7e25c648599209812c6659f5795574f1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B8C 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Jun 2023 11:25:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B8C 0
20 B 89ms
89ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOzyEhfejYoCXEYqwgQfTtqroDQAAAAA4AeAEAg&bg=!aWqlai7NAAaJfvByqX47ACkAdvg8Wop9dAV9ytnLbxbfWqY69ypxYKCDUD-viMt2ODCCHiBoBY7-5gIAAABOUgAAAAJoAQcKABdJblg57ai3Mxwt2ryNHL9Nl6AexzEG35kC7RuOJX8pkCGGdmMNQhKzPaDgqLKPc-_9o4q0D0Tcvp_EaGIZjc1_RKvomWuOEhFDMYNEHbKahai0O6SdAjDxMVN2fFoiq9hZCfFx0c4cINsVqnQs09qZaJLhV291cA2R4J1ivS0W-F5r3o8laocxG92k_MqXB7IYHKlbqKtrrM_xOowBZRTqYDtkQQkkj_de0VkkyjnfmUrtNCuJwD3CC_UDSWB0diuIHAC1HewboL85gl3OFhH7g_LkV6SFzmi2JrLO16Wymsz28emOSrHB_IvvFFwiiO2YOlVSCLrZlRvEC0ZDImE6OB4gvHuAerDa_uGt01Qg_2ibNck7k6-TSDRlS_bPraCv3Xy40-E7n5oMV1YeTYqBR4_CYQXVSL9hU60nWAYQ90JIvWoOA3wy8XPDO6h8bZO_h7VKKVIpDcHm8pPs7Fv-t51z8-vewyr-u8fcmXTq7gmnxW0AjeMcBF5RFlpbxM-XyrNd6rcghuaFqFnpE2xCtzThozZZlAv4ZP3-CfLn23PGUJgixkgYyokdNd-UUVQQ1attY5OuiQmab-XoexYb6p5oCkZVFml4GaFA_D3Rl76MW774JB_R7RufwtjXngcM3OJH12Tt-joM1v5CzFEWs2G3pB7FIAhcoeXHPjDY4DBfnaw8eSubPBmgtHySRugCX2yABBKMyeRLoMXtCmSa0gWysVhGjpIvLMfrJC9mhd3BYltwXuMbtZgaR1_zgq2twrj981V3uCV69BAhbpVTKQLNxXiWVbp2uFVTaXphHYP20oWrzeaMGSi02tiEypnCE7SBKgLhFALqghuOGhZfTT-jF0ONmHsn3RBOphlkgOSUXS14UOmL4Mz3LY0T8Ei3XE3gZ1BiWJy2Zev9XHf339-jPxePIz0QvMVgu7Z-csg3G0d_j2q1g65EJXU5-qoUtJegpf9pyeweoviSO_VvdvwXVln1JBFVilIeQ7PGENgdnGm7ENJ5ijeS2anzO-Mjc5f3ps4z

Requested by

Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_87_0_0/ Frame 4291 7 KB
2 KB 54ms
53ms Script
application/javascript 193.108.153.28
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_87_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 14:07:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: W/"5ac70b83663a79f3a383c3a53f62eafd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=566749
accept-ranges: bytes
content-length: 1947
x-amz-cf-id: vyHNxmJeprmXWn1t7PaDA1Yi1HtE8ETdeRUVxYxQTI-tX8yjZBLDPA==

GET
H2 200 300x600_71100016087827139.jpg
secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20220524/ Frame 4291 27 KB
27 KB 59ms
58ms Image
image/jpeg 193.108.153.28
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20220524/300x600_71100016087827139.jpg
Requested by: Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 730d271d9ae68129232e08123e4eefc1bf66b3fbaff3c4076c1a5a335a46c729

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vfbUhiExCxT2WV4Ak7RIRPyA.U00Nm6T
last-modified: Tue, 24 May 2022 14:30:01 GMT
server: ATS/7.1.0
x-amz-request-id: WJ3HZ1WZH8DHEK3Y
etag: "cd1e02efbd0a5442dbaa4a630578516d"
content-type: image/jpeg
access-control-allow-origin: *
date: Sat, 11 Jun 2022 02:01:41 GMT
accept-ranges: bytes
content-length: 27545
x-amz-id-2: f/q6zLpCJTqcZD8isz0Khj7EP9petpdHFAcmijXbDZtDtf/PjcpL4nmDU4jgBsju3f8Sm57o3lo=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 OBA.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 4291 1 KB
2 KB 54ms
54ms Image
image/png 193.108.153.28
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA.png
Requested by: Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
last-modified: Wed, 22 Dec 2021 10:52:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: "31463dfa117c756dc021835384e93387"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1411
x-amz-cf-id: cbXXCxFS5szuSS3H-W5NmnQC4IQP5rlylKCxnwjhq_lU9-1FWsYfjQ==

GET
H2 200 OBA_DEFAULT.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 4291 2 KB
2 KB 55ms
54ms Image
image/png 193.108.153.28
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA_DEFAULT.png
Requested by: Host: 5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
URL: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
last-modified: Wed, 22 Dec 2021 10:52:14 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "cfebfa91510d9fe13a4186ba4c48596b"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2198
x-amz-cf-id: Vo7d-JpH6SCmoAWtd3MCUvDBC29pe72--6vm1ApAVmVu94ebaG2Fbw==

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 150D 5 KB
3 KB 72ms
71ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=53721677;rtbwp=YqP3gwAAAAAchV9-6mG4i5mUJOsXemcdtWfXqw;rtbdata=JmhGGE0Ooy7I9wOETxpk9lEcWTdOKYur_y0Nou98SZfa5BCWavj4dZHHIt_QevMBdfbojnNZZ6GaPfz2Qmbpt2qTc8OahAQ1IseY1-U8wWbY6i7uwaCs7vFf-JTM6PlgzR4XggVonSieOc9W-kq8RQFOev4XgMjzD5dxNk7BqWvw9zoghF0MbdgC99gnsFy0ogi9vbTjejOxOfeC2nnFAfSqKVElJpMe4UFuhV40q881;js=1;adfxid=1x;6578;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.gismeteo.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

762ce98246d4677073afda507d0985bf2c632b8c423aa07252f9956e345cfe9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2305
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 106ms
106ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060801&jk=3244404919920552&bg=!AAOlA0fNAAaJfvByqX47ACkAdvg8WkSAYx7gCTmgXgl3gOYXWuSG6skFQgUtDp2aKsYWFvjZUPzZtQIAAADHUgAAAAJoAQcKAHLZox6aGHZmB66EoDv9B5CyImOzUPfgcnBdaJMP2MIQuBvQlgxRzP1dLfwUTrGl-bUmEiv2WsIKrWQYim_GF4SMqAKSVjOrNeMYe3HP195hjm_p-j4rcjJUzGMRcMcw251mwLauvysMwojhpSHSG_x9na2ZAqe17I4DNQ8Gv0juEfTVi_ERQXB_hYcsWtjyKZOqsUJXqnr1fxg7-yguVzr2NBPU8YyIKebbGvPWmKiIcsgOQhD6WwIQ0jPHG2M7xomeGmNOmoAWx9tdpB_zKiu_ANnjjdjQ4ZFRX3VZ60y_uiMSJN87QrqpXv3NzgB0djxjrDrRDFk8QPThno2UIr_-c7kb15UnvMNgVNDP3n0k0hKHz20GLaMa5r8L-xz52ElxxtghVgVDiBixqWcN9dMj7qoAr5kAhDREyjMyGDtXxM7J4XDsHQmpFKP_1ZTbPWH_8E3JHCXz4F5cEQOM6zYT05BCGLjdkJ2mfeDtj5jgtYWeIjKFn_DXIG4lxZeMWnpCs9IRxpRCcrpK9Rxu0zZ8RE8qhiqkCrBngoD32lLzsV_jCNKC5uMzyM90yBOWEl1fxi631qXNCHlvWPWOHPGe7XU0N7VDxanowg1cPNOhO7Cpmzh9ryIc3Tc4FXMw4hwisCJLwIoHGbhGKA7KinVoXUv0X1gvKFDvN4NOvzgG_z2KcBtCJ_l3FMDEbWxv2ymKbQeQgSkKC35yVsSfIFzBS6VfHvVlxsO7yYcb6XIJqbEzPQoNbr6Rm9Hkd1UARVr4lCjZ7kxQtPLWAAkpx6sDWbxQWt2kSMIjKpKksEue9xHtX5Qd6ABQBVTNftFtBOxhutzPNYTUQ6fJZ8AB_PUR11uSG9v-aHHRlWjx2jncJJaP0Z6vfbMD2cdXqR08uo5n_1VntJugQaP2ZFCZVzvt6MQDlKCYbWxVj4rr8eh8b-VMOOfJmqcJeIWMqJ6g9Bd65KNqvYsUiZOt0TBN19vTMHy4F5FZv_P701VA-rXCzYOFt5t5_2Nl7CndfD0C3tCnSvwnmZnnLH-Bzwa_fQCxCGXnY7VpyzrN5GkR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 4291 0
230 B 311ms
58ms XHR
text/plain 3.122.149.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.149.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-149-33.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame 4291 24 B
629 B 63ms
63ms XHR
text/html 18.185.225.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=7372857471015283666&ai=1087276594&usercookie=u2=2e4ea999-52ba-4119-858f-d1f02dabc008&oo=0&clsrc=2&clbv=_2_220_3_0&gdprpurposes=1023&dg=1077031740&sdg=1077889017&ctick=75&ord=0.3026296969571891
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.225.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-225-109.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36AD 0
0 199ms
90ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPY4gW7Ph-kxntNczFuCzM87ZY2xXymR6b4XzUGfYVkvzh9dqR5FpbFiRE5J2rTbv1erAMjP5GFPg24ApuJxF7Vf-To9XSw9u1SjQg6aR0VUSa1hvle210ePY5XBpdcLFAeD9rABjYB8tVhfcGzZZt9G2ShPE6hi5grIMUs6ZHxn8EH677Bu0yvpc9m0rwNsYxUPKRjevCSulzDnxk3i6hG7ZLzcWf1VIfB0AiWsLlvi3rtQwU0o3im04ysVTF0ye1pBTGQBlkj6oEqkAtr-HYgXP28h24gCr2Td7tPh_s5atnh8mP1tWZAlV2woHpw2CJeaqCDPYHAo3H&sai=AMfl-YTaqrKxhyKz1rGNQZlycX8wQye-9oRCRpYaXT2zJe03dykQ-wJx5uazrwjWTlaDcRrZLMffVKucsDncV7ztzqAKrFRwLsSTBUufsoGw8IZWhnxchLzE5cCUq8QJ0LBF&sig=Cg0ArKJSzH3p8upkmeVcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Jun 2022 02:01:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 11 Jun 2022 02:01:41 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 150D 85 KB
36 KB 92ms
91ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 14:08:59 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 12 Jun 2022 05:32:57 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 150D 35 B
503 B 71ms
71ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=53721677&csi=5ZM7V7erZkq8_oP3_6HHiI0yPiqt0eGa4ejd49Tn7wjrygPkIxxfkwS8pEZpDFNPJn7YaaYLHJ_-B0xHwbbyJGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 52090379.png
s1.adform.net/Banners/52090379/ Frame 150D 92 KB
92 KB 85ms
85ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/52090379/52090379.png?bv=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4777b19432f00581f2b4f8aebbc246ea5f18431654306b697c49560ace61dd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:41 GMT
last-modified: Wed, 09 Mar 2022 08:32:02 GMT
server: nginx
etag: "62286602-16fc3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 94147

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 4291 0
503 B 62ms
62ms XHR
text/html 18.185.225.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1087276594~~0~~1077031740~~7372857471015283666%5EActualSize~300x600x0x1x0000x0x0x300x600~0~01020~296$$&usercookie=u2=2e4ea999-52ba-4119-858f-d1f02dabc008&rnd=0.11124346783710459&flv=0&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.225.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-225-109.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
208 B 57ms
57ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 11 Jun 2022 02:01:42 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4291 42 B
64 B 93ms
92ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLaYHzdygYyEcwjto4dLjJH9QALB4EEcYL1qSJw5Pe9tmc9_YHTTDtv6pOPldE5zxpOca12XU8Cp5Nn23UzPzlrbZ2bLwV6Vfa-WLXkarVmQ8&sai=AMfl-YT0mCiw3ZuIJR6IOClkiSR4WZqiOKtQmpdh-4YeqqhAD5yFSt_kVho9nPTKO_iY3Ky6oowcQjgBFeYYiMrF53KgqTIwjzVZfG9rVFyKSsxAE4S9H4sdCGL0EoQxsa22&sig=Cg0ArKJSzFmydpNpaqz2EAE&cid=CAASKORokUqeQgWuml5UsSxidmBdmNNlK3KM3QFVMkzG9hqGRQs-TxlkrqU&id=lidar2&mcvt=1000&p=150,1249,190,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2373899931&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654912900903&rpt=541&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36AD 42 B
64 B 88ms
87ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVd-YYK42yNXDzte5tVSQ552O9MeJKWpVNFVID3C9leH36W3j47W2Ivcfg9eGBQohNPcHqCLCbPRmULcUmpGvTafbwd9vFi8lde4ioPtQol5V-Sj5M&sig=Cg0ArKJSzBqB21DOIYs4EAE&id=lidar2&mcvt=1000&p=913,480,1163,780&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=4166766577&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654912900910&rpt=886&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame AB1C 3 KB
2 KB 214ms
53ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Jun 2022 02:01:43 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 204 d
ic.tynt.com/r/ Frame 3EFA 0
0 389ms
127ms Document
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Sat, 11 Jun 2022 02:01:43 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 1BA9
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4b3a5476-7621-448f-82c8-bc7f65b5a685

0
407 B

1250ms
1017ms

Document
text/plain

23.227.139.243

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4b3a5476-7621-448f-82c8-bc7f65b5a685
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 11 Jun 2022 02:01:43 GMT
Etag: 69308c2bb861d8e2
Server: VertaMedia 1.0

Redirect headers

content-length: 0
date: Sat, 11 Jun 2022 02:01:43 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4b3a5476-7621-448f-82c8-bc7f65b5a685
server: _

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame C666 0
91 B 113ms
70ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 11 Jun 2022 02:01:43 GMT
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7F36 52 KB
17 KB 169ms
53ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 77660
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 11 Jun 2022 02:01:43 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 26 May 2022 04:26:53 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 809167
X-Served-By: cache-lga21974-LGA, cache-hhn4065-HHN
X-Timer: S1654912903.311419,VS0,VE0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6F80 38 KB
14 KB 170ms
54ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=81387
content-encoding: gzip
content-length: 13941
content-type: text/html; charset=UTF-8
date: Sat, 11 Jun 2022 02:01:43 GMT
etag: "1302647-96a7-5da3b2ade946f"
expires: Sun, 12 Jun 2022 00:38:10 GMT
last-modified: Tue, 15 Mar 2022 05:35:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 07E2 2 KB
1 KB 828ms
112ms Document
text/html 209.205.206.178
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.206.178 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: c2457b3259b6125151889823525019f87046a456ae572910cc549e5c8172facd

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.gismeteo.ua
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 774
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Jun 2022 02:01:43 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 1A1A 610 B
789 B 65ms
63ms Document
text/html 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 0bcdd418d545e6fcfbcb700691a6cd84b3c672c5244c7a582c38a35462142067

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 610
content-type: text/html

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C3B9 281 B
554 B 176ms
56ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Jun 2022 02:01:43 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7e463edd-8a5e-4b94-8fec-9e70ea8fcc16

0
0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8307662179034719125

0
390 B

1791ms
385ms

Image
text/plain

23.227.139.243

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8307662179034719125
Protocol: HTTP/1.1
Server: 23.227.139.243 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 02:01:44 GMT
Server: VertaMedia 1.0
Etag: 69308c2bb861d8e2
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:43 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 995e3163-2b87-4793-8295-d91b41fda7ff
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8307662179034719125
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 1A1A
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2a4772a9-449c-4bc5-b4f6-fabdb3945378&ssp=between&gdpr=&gdpr_consent=

43 B
356 B

184ms
62ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2a4772a9-449c-4bc5-b4f6-fabdb3945378&ssp=between&gdpr=&gdpr_consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:44 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2a4772a9-449c-4bc5-b4f6-fabdb3945378&ssp=between&gdpr=&gdpr_consent=
Date: Sat, 11 Jun 2022 02:01:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 btw
sync.dmp.otm-r.com/match/ Frame 1A1A 0
69 B 196ms
61ms Image
text/plain 148.251.4.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=6605102a-7f94-52a2-abd2-c882c9713f01
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.4.251.148.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 11 Jun 2022 02:01:43 GMT
server: nginx/1.17.6

GET
H2

200

match
ads.betweendigital.com/ Frame 1A1A
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0rTWCJUXMef.AikABlGBUH7q3A

68 B
607 B

64ms
64ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0rTWCJUXMef.AikABlGBUH7q3A
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f10-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0rTWCJUXMef.AikABlGBUH7q3A
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 1A1A
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=6605102a-7f94-52a2-abd2-c882c9713f01
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiH74-VBlIFvp7KygpiJDY2MDUxMDJhLTdmOTQtNTJhMi1hYmQyLWM4ODJjOTcxM2YwMQ**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiH74-VBlIFvp7KygpiJDY2MDUxMDJhLTdmOTQtNTJhMi1hYmQyLWM4ODJjOTcxM2YwMaIBEHEYoSjpKhHshuAAJZDAZHw*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiH74-VBmIkNjYwNTEwMmEtN2Y5NC01MmEyLWFiZDItYzg4MmM5NzEzZjAxogEQcRihKOkqEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiH74-VBmIkNjYwNTEwMmEtN2Y5NC01MmEyLWFiZDItYzg4MmM5NzEzZjAxogEQcRihKOkqEeyG4AAlkMBkfA**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7118a128-e92a-11ec-86e0-002590c0647c

68 B
607 B

64ms
64ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7118a128-e92a-11ec-86e0-002590c0647c
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Sat, 11 Jun 2022 02:01:43 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7118a128-e92a-11ec-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 150D 35 B
503 B 71ms
70ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2901319731568019291@@53721677,8875879591800606978,100|1002|0|0|0|0|0|0|0||39|1|1538|7109e03d-afcc-414d-8640-ece6b9244fbd_3|||1|0|0|btWl5_QDq5tX7EYoWZQhUSVjHfX6UGBX2sNYg52cLYBXqt47Uv0yGxhpnBRkvb3lA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 150D 35 B
303 B 72ms
71ms Image
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=53721677&event=178&time=2&baid=52090379&name=Viewable%20impressions&imprid=8875879591800606978&icid=2901319731568019291&eData=5ZM7V7erZkoIW4OXeyRcLnh9ErTV8WMW4fn4X_ACi5hTGQu2oDMobvkfZSNE2ENZq6J7ZHnzLogau94oJsHc8Q2&rtbdata=JmhGGE0Ooy7I9wOETxpk9lEcWTdOKYur_y0Nou98SZfa5BCWavj4dZHHIt_QevMBdfbojnNZZ6GaPfz2Qmbpt2qTc8OahAQ1IseY1-U8wWbY6i7uwaCs7vFf-JTM6PlgzR4XggVonSieOc9W-kq8RQFOev4XgMjzD5dxNk7BqWvw9zoghF0MbdgC99gnsFy0ogi9vbTjejOxOfeC2nnFAfSqKVElJpMe4UFuhV40q881&rtbwp=YqP3gwAAAAAchV9-6mG4i5mUJOsXemcdtWfXqw&rnd=242010626

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 4A84 4 KB
1 KB 269ms
53ms Document
text/html 151.236.118.210
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6605102a-7f94-52a2-abd2-c882c9713f01&CACHEBUSTER=69576
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 11 Jun 2022 02:01:43 GMT
etag: W/"60bf907f-ee9"
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 311
x-cdn-request-id: 5acc0b73a21a327354acf3a78691496e

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7F36 0
743 B 54ms
53ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:43 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6de912fe-0f2c-4293-b891-ee1824327222
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 6F80 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C3B9 31 KB
10 KB 56ms
56ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 02:01:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 17:17:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34487
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Sat, 11 Jun 2022 11:36:30 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame CAFD 1 KB
3 KB 245ms
85ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cb12e326d800b4d87d4e221c31dc81af6cbfd3c9ee7b2c43d2e4fd866f8145f2

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1530
Content-Type: text/html
Date: Sat, 11 Jun 2022 02:01:43 GMT
Dropped-Udsids: 230|39|241|46|40|130|73|111
Expires: Sat, 11 Jun 2022 02:01:43 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

GET
H2

200

match
ads.betweendigital.com/ Frame 4A84
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=6605102a-7f94-52a2-abd2-c882c9713f01&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=2a4772a9-449c-4bc5-b4f6-fabdb3945378

68 B
607 B

64ms
63ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=2a4772a9-449c-4bc5-b4f6-fabdb3945378
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=2a4772a9-449c-4bc5-b4f6-fabdb3945378
Date: Sat, 11 Jun 2022 02:01:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C3B9
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/IsOqRnnsZhIBMwklEKqY58n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7199833116245905614

0
239 B

55ms
55ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7199833116245905614
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

date: Sat, 11 Jun 2022 02:01:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7199833116245905614
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C3B9
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L498ETQE-1G-CCWU&sigv=1&esig=2~42a2d8034f5a16862599e0f7af252f7cb3af40d2

0
194 B

175ms
54ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L498ETQE-1G-CCWU&sigv=1&esig=2~42a2d8034f5a16862599e0f7af252f7cb3af40d2

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L498ETQE-1G-CCWU&sigv=1&esig=2~42a2d8034f5a16862599e0f7af252f7cb3af40d2
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame C3B9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mzhRY4_lS5CXTur3puFLEA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mzhRY4_lS5CXTur3puFLEA

43 B
556 B

61ms
60ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mzhRY4_lS5CXTur3puFLEA

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A7R2NDS0MSS837ZX0XGX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=mzhRY4_lS5CXTur3puFLEA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3B9
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5OEVUUUUtMUctQ0NXVQ==

170 B
188 B

64ms
63ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5OEVUUUUtMUctQ0NXVQ==

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ5OEVUUUUtMUctQ0NXVQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C3B9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AUu0hSlSS6KppZ2Wb5qTgg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AUu0hSlSS6KppZ2Wb5qTgg

43 B
556 B

139ms
138ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AUu0hSlSS6KppZ2Wb5qTgg

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A85VKR01JK92KPDHYXX8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AUu0hSlSS6KppZ2Wb5qTgg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3B9
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk4OGU0ZjNiZTI5ODU0YWFmYzVkZjllZWEwOWRkM2ZhMmU0OTBiYg

170 B
188 B

64ms
64ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk4OGU0ZjNiZTI5ODU0YWFmYzVkZjllZWEwOWRkM2ZhMmU0OTBiYg

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDk4OGU0ZjNiZTI5ODU0YWFmYzVkZjllZWEwOWRkM2ZhMmU0OTBiYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C3B9 70 B
265 B 183ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C3B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUV5mWfkUm2D1c8uD3c9P4&google_cver=1

0
239 B

221ms
55ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUV5mWfkUm2D1c8uD3c9P4&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUV5mWfkUm2D1c8uD3c9P4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame CAFD 170 B
188 B 64ms
63ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YqP3hRQsllFUueZR0AZgJQAABy0AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame CAFD 70 B
264 B 76ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame CAFD
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqP3hRQsllFUueZR0AZgJQAABy0AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqP3hRQsllFUueZR0AZgJQAABy0AAAIB&dcc=t

43 B
645 B

136ms
136ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqP3hRQsllFUueZR0AZgJQAABy0AAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SRR5VA7V2HBB5G9N7QVX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5X7BXJB46D8X8W6NV5TM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqP3hRQsllFUueZR0AZgJQAABy0AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame CAFD 0
0 163ms
53ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame CAFD 43 B
430 B 228ms
55ms Image
image/gif 52.210.200.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.200.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-200-111.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:43 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YqP3hRQsllFUueZR0AZgJQAABy0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CAFD 43 B
986 B 191ms
56ms Image
image/gif 2a05:d018:d29:3601:b5e2:da8a:f496:918a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YqP3hRQsllFUueZR0AZgJQAABy0AAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:b5e2:da8a:f496:918a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame CAFD 0
331 B 221ms
70ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame CAFD 43 B
425 B 54ms
53ms Image
image/gif 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YqP3hRQsllFUueZR0AZgJQAA%261837
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 02:01:43 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1614
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Jun 2022 02:28:37 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame E3C8
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

132ms
132ms

Document
text/html

52.45.92.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.92.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-92-187.compute-1.amazonaws.com
Software: /
Resource Hash: 0c7d8bd180cefef2a0d8a7c0e4c1909fbd212e2b9befe0fa5431b95078feb218

Request headers

Referer: https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Sat, 11 Jun 2022 02:01:44 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Sat, 11 Jun 2022 02:01:44 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Sat, 11 Jun 2022 02:01:44 GMT
location: /um/cs&eq_cc=1

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 0225
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2901319731568019291

0
406 B

1116ms
167ms

Document
text/plain

23.227.139.243

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2901319731568019291
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 11 Jun 2022 02:01:44 GMT
Etag: e455db42238e3d18
Server: VertaMedia 1.0

Redirect headers

content-length: 0
content-type: text/plain
date: Sat, 11 Jun 2022 02:01:44 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2901319731568019291
server: nginx

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame 115C 3 KB
2 KB 186ms
54ms Document
text/html 2600:9000:2156:f400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3735
cache-control: max-age=7200
content-encoding: br
content-type: text/html
date: Sat, 11 Jun 2022 00:59:30 GMT
etag: W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified: Fri, 10 Jun 2022 08:59:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: r8MK1IWB6LvAAznswtxJk6byxFoD5oV4EgRXGUvaukiolWjqK3C8yg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: lJpjBVlrlhbYHTBVCpTt0WEaCVljhCwM
x-cache: Hit from cloudfront

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame C49D 0
397 B 1162ms
119ms Document
text/plain 23.227.139.243

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 -, , ASN (),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 11 Jun 2022 02:01:44 GMT
Etag: e455db42238e3d18
Server: VertaMedia 1.0

GET csync
sync.console.adtarget.com.tr/ Frame 07E2 0
0

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame 4A84
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7118a128-e92a-11ec-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7118a128-e92a-11ec-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=7TkCdWNES0p4TG6Rm30gFw&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=7TkCdWNES0p4TG6Rm30gFw&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=7TkCdWNES0p4TG6Rm30gFw&extra2=aidata&google_gid=CAESEHLDbjKCWr1kBT7LXHczSJc&google_cver=1

43 B
516 B

258ms
54ms

Image
image/gif

31.172.81.158

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=7TkCdWNES0p4TG6Rm30gFw&extra2=aidata&google_gid=CAESEHLDbjKCWr1kBT7LXHczSJc&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.158 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 02:01:44 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Sat, 11 Jun 2022 02:01:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=7TkCdWNES0p4TG6Rm30gFw&extra2=aidata&google_gid=CAESEHLDbjKCWr1kBT7LXHczSJc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

uu Show response
ih.adscale.de/ Frame 115C
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1654912904
https://ih.adscale.de/uu?cbfn=receive&t=1654912904&nut&uu=a060ff28fce848d6b49535fd93fb5066

44 B
214 B

55ms
54ms

Script
text/javascript

3.66.201.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1654912904&nut&uu=a060ff28fce848d6b49535fd93fb5066
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Server: 3.66.201.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-201-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f9701ea9823984971e8e797cefc7dd5d54525ffd7611551180dd23b28f11cdd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:44 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1654912904&nut&uu=a060ff28fce848d6b49535fd93fb5066
date: Sat, 11 Jun 2022 02:01:44 GMT
content-length: 0

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame E3C8 43 B
1 KB 66ms
66ms Image
image/gif 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d4ad61cb-4f32-4fbb-8b5e-b21907898878&expiration=1662861704
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Jun 2022 02:01:44 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7F36 0
743 B 54ms
53ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:44 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7fa08eba-5ddd-4283-a3be-28cdd0ef83f2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame 115C 11 KB
4 KB 57ms
56ms Script
application/javascript 2600:9000:2156:f400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: eb4KfoHyZOa9.0IXlVjDAvVqdf.zInO4
content-encoding: br
last-modified: Fri, 10 Jun 2022 08:59:27 GMT
server: AmazonS3
age: 3735
etag: W/"988fbfb6c270a6080f89deb043243858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Sat, 11 Jun 2022 00:59:30 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Enl6rfgOx6_eb9_49XiRZZ2PbIDdx9iCLgfRP42j5yYLl0CrC37Hkg==

GET csync
sync.console.adtarget.com.tr/ Frame 115C 0
0

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame 115C 149 B
224 B 55ms
54ms Script
application/javascript 3.66.201.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1654912904510&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.201.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-201-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:44 GMT
content-length: 149
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 1504 3 KB
3 KB 57ms
56ms Document
text/html 3.66.201.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.201.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-201-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5637082446e898124f7be93c55dd05d9f3d22a925360ba3aece4a3ba3d844068

Request headers

Referer: https://js.adscale.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 2792
content-type: text/html;charset=ISO-8859-1
date: Sat, 11 Jun 2022 02:01:44 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 1504 4 KB
2 KB 62ms
56ms Script
application/javascript 2600:9000:2156:f400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: zbEVvMvlbmvMfEs3JIXPO_vZflmTUphp
content-encoding: br
last-modified: Fri, 10 Jun 2022 08:59:27 GMT
server: AmazonS3
age: 3735
etag: W/"ff7cce9128150bd82f1a709c03692e3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Sat, 11 Jun 2022 00:59:30 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HOuL2xoJMjG1qc7U6JZgnVCntVoHTrviFYqUpX3Oy_7I_Ohm2vCR2g==

GET
H2

200

img
ih.adscale.de/sium/d9282617e5f94cc1885e359c90cecc68/1654912904604/0/ Frame 1504
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=a060ff28fce848d6b49535fd93fb5066&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9282617e5f94cc1885e359c90cecc68%2F1654912904604%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/d9282617e5f94cc1885e359c90cecc68/1654912904604/0/img?tpid=101&tpuid=BBID-01-03296269049104320-16626744

49 B
468 B

55ms
55ms

Image
image/gif

3.66.201.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/d9282617e5f94cc1885e359c90cecc68/1654912904604/0/img?tpid=101&tpuid=BBID-01-03296269049104320-16626744
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.66.201.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-201-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:44 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Sat, 11 Jun 2022 02:01:44 GMT
Server: nginx
Transfer-Encoding: chunked
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location: https://ih.adscale.de/sium/d9282617e5f94cc1885e359c90cecc68/1654912904604/0/img?tpid=101&tpuid=BBID-01-03296269049104320-16626744
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 26A7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

59ms
58ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6605102a-7f94-52a2-abd2-c882c9713f01&CACHEBUSTER=69576
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Jun 2022 02:01:45 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 11 Jun 2022 02:01:45 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1504
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=22a87e696bdba243673a2e366...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqP3hRQsllFUueZR0AZgJQAA%261837

49 B
561 B

56ms
55ms

Image
image/gif

3.66.201.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqP3hRQsllFUueZR0AZgJQAA%261837
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.66.201.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-201-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 02:01:45 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 02:01:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YqP3hRQsllFUueZR0AZgJQAA%261837
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 310
Expires: Sat, 11 Jun 2022 02:01:45 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 26A7 31 KB
10 KB 64ms
63ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 02:01:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 17:17:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34485
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Sat, 11 Jun 2022 11:36:30 GMT

GET img
sync.mathtag.com/sync/ Frame 1504 0
0

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 26A7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rtb.adxpremium.services
URL: https://rtb.adxpremium.services/openrtb2/auction

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7e463edd-8a5e-4b94-8fec-9e70ea8fcc16

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89773335&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Domain: sync.console.adtarget.com.tr
URL: https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D

Domain: sync.console.adtarget.com.tr
URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=a060ff28fce848d6b49535fd93fb5066

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=dbb225fca487f75d83a1b651cfce56f756a2062f35fd9611774c16c7cd296067&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9282617e5f94cc1885e359c90cecc68%2F1654912904604%2F0%2Fimg&gdpr=0

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L498ETQE-1G-CCWU

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.gismeteo.ua/	1970-01-20 04:25:04	Name: ab_audience_2 Value: 74
.www.gismeteo.ua/	1970-01-20 12:27:28	Name: cityIP Value: 2433
.gismeteo.ua/	1970-01-20 21:13:04	Name: _ga Value: GA1.2.1775871208.1654912899
.gismeteo.ua/	1970-01-20 03:43:19	Name: _gid Value: GA1.2.1039486844.1654912899
.gismeteo.ua/	1970-01-20 03:41:52	Name: _gat Value: 1
www.gismeteo.ua/	1970-01-25 07:39:25	Name: cbtYmTName Value: xb7nrKHn/+ej/aOn9fHwoPCjo6b3pv3157hM
www.gismeteo.ua/	1970-01-20 04:25:04	Name: _pbjs_userid_consent_data Value: 3524755945110770
.gismeteo.ua/	1970-01-20 12:27:28	Name: _pubcid Value: 71dc457d-5fa6-4eaf-a454-df42a4587ef0
.gismeteo.ua/	1970-01-20 13:10:40	Name: __gfp_64b Value: Fux8AYlwZZafdXTdF6FHQ3Uc1cfxVXhJIA4X4qMG65H.q7\|1654912899
www.gismeteo.ua/	1969-12-31 23:59:59	Name: Value: store.test
loadercdn.net/	1970-01-23 19:17:52	Name: vui Value: 97f145a006284a898183c239e0f0055c
.admixer.net/	1970-01-20 05:51:28	Name: am-uid Value: 992fe980414b42fd87651a58942a2f3a
.betweendigital.com/	1970-01-20 12:27:28	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 12:27:28	Name: tuuid Value: 6605102a-7f94-52a2-abd2-c882c9713f01
.betweendigital.com/	1970-01-20 12:27:28	Name: ss Value: 1
.betweendigital.com/	1970-01-20 12:27:28	Name: unm Value: 1
.hit.gemius.pl/	1970-01-20 13:10:40	Name: Gdyn Value: KlGhIRXGQMGGB-a1y7LfkT8issGMXP8c25nSGhlBVRLBFRxSG7RrGS6GtgoBFlM2xgGPo1RGF8CBI8l8MG..
.rubiconproject.com/	1970-01-20 12:27:28	Name: khaos Value: L498ETQE-1G-CCWU
.rubiconproject.com/	1970-01-20 12:27:28	Name: audit Value: 1\|naVuGyos1qpOub3IEjUh7q2qEsFCZ0ctSdOhPT1GMTmJwDcyBZJrc6/+814hP5SDgwdVPxbSSNiU44bWCyD7G8xuhZpbWKLtBMWf8c70DSg=
.adnxs.com/	1970-01-20 05:51:28	Name: icu Value: ChgIgpE2EAoYASABKAEwg--PlQY4AUABSAEQg--PlQYYAA..
.adnxs.com/	1970-01-20 05:51:28	Name: uuid2 Value: 8307662179034719125
www.gismeteo.ua/	1970-01-20 13:03:28	Name: cto_bidid Value: SZFRyV81eXVRZmVUdTZsZW9sUWtZVFE0cVdQeXJ1TmdSQ0pCQ0pkVUlkMlVCdHRaWkJZQm5ad09YJTJCQ2NuVmxCcTY1YTJmWEFValo1VnlaYjJjdiUyRm11MEdaUkElM0QlM0Q
www.gismeteo.ua/	1970-01-20 13:03:28	Name: cto_bundle Value: YZoO-V80cXhWZVhsVnFuRnBvRlFvb1U1MG1wcXVKVEZIMlJGYXAxZHVDRVM4T1ZJMW4lMkZpZEVrNWh3MklHWXNrN01pSGhseDlCWnVaMEppMHJXb2hQUndxQXpVMEpXUFpFNWNIN0ZkRXBJZUFEQzJXU2JwVGVNaXRnY3VMelNlJTJGZ2U1d0o
.criteo.com/	1970-01-20 13:03:28	Name: uid Value: 388ee8cb-0dd0-463d-9e6c-e3038764c6db
.gismeteo.ua/	1970-01-20 13:03:28	Name: cto_bundle Value: Oemxhl80cXhWZVhsVnFuRnBvRlFvb1U1MG1tdHdZbVVpVnZ3VFZKZTlYZWNlZUljWVZ5VkhCNW9SJTJGWWtIMWdINGNkWDQ2blRlaUs2cSUyRmwzWDNHRmlIMWU2NER1d0J5ZTBKTkUlMkJ3bXk2VWtKVmljSUF5TVROZlFwUjA1JTJCMzQ2JTJGS1RQY0dlVTJMM3M1UTQ2YUZweFcxOGhvMk13JTNEJTNE
.www.gismeteo.ua/	1970-01-20 13:03:28	Name: cto_bundle Value: Oemxhl80cXhWZVhsVnFuRnBvRlFvb1U1MG1tdHdZbVVpVnZ3VFZKZTlYZWNlZUljWVZ5VkhCNW9SJTJGWWtIMWdINGNkWDQ2blRlaUs2cSUyRmwzWDNHRmlIMWU2NER1d0J5ZTBKTkUlMkJ3bXk2VWtKVmljSUF5TVROZlFwUjA1JTJCMzQ2JTJGS1RQY0dlVTJMM3M1UTQ2YUZweFcxOGhvMk13JTNEJTNE
.gismeteo.ua/	1970-01-20 13:03:28	Name: __gads Value: ID=b1cf52fdb4158a6e-228a7aa2aecd00c1:T=1654912900:S=ALNI_MauhjVbJeZryRwvToT1enZHcjMk7A
.doubleclick.net/	1970-01-20 13:03:28	Name: IDE Value: AHWqTUk5_VcUfC1AJ5JGUsM8AF61_IYGK-Q-Tk8HrhuTfY7AHIpsBvpYuwTQWtXZzAk
.adform.net/	1970-01-20 04:25:04	Name: C Value: 1
.adnxs.com/	1970-01-20 05:51:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQHzQ70!@wnfH8K6pQK`!5=E<*L5?%KX5v)j%='T@)2(=z_9x'yue8f]DBgPg@x(>qdP(hw9P-HC_#tsbN)UxLZ
.casalemedia.com/	1970-01-20 05:51:28	Name: CMPS Value: 1837
.casalemedia.com/	1970-01-20 12:27:28	Name: CMID Value: YqP3hRQsllFUueZR0AZgJQAA
.casalemedia.com/	1970-01-20 05:51:28	Name: CMPRO Value: 1837
.adform.net/	1970-01-20 05:08:16	Name: uid Value: 2901319731568019291
.adform.net/	1970-01-20 03:51:57	Name: TPC Value: 1654912901732
.serving-sys.com/	1970-01-20 05:51:28	Name: A6 Value: 10PEoOw.ap1005xi000010000
.serving-sys.com/	1970-01-20 05:51:28	Name: u2 Value: 2e4ea999-52ba-4119-858f-d1f02dabc0084Hi06g
.serving-sys.com/	1970-01-20 05:51:28	Name: eyeblaster Value: FLV=0&RES=32
.ads.pubmatic.com/	1970-01-20 03:43:19	Name: KCCH Value: YES
a4p.adpartner.pro/	1970-01-20 05:08:16	Name: apuid Value: 7e463edd-8a5e-4b94-8fec-9e70ea8fcc16
.adsniper.ru/	1970-01-27 10:53:52	Name: uuid3 Value: IiQ3MTE4YTEyOC1lOTJhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/	1970-01-27 10:53:52	Name: suuid3 Value: IiQ3MTE4YTEyOC1lOTJhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.yahoo.com/	1970-01-20 12:27:50	Name: A3 Value: d=AQABBIf3o2ICEJ0bk7gE34TcY88ljbBy_qEFEgEBAQFJpWKtYgAAAAAA_eMAAA&S=AQAAAnSXwsk-V4PVQRWidV6Thhk
.bidswitch.net/	1970-01-20 12:27:28	Name: c Value: 1654912903
.bidswitch.net/	1970-01-20 12:27:28	Name: tuuid_lu Value: 1654912903
.bidswitch.net/	1970-01-20 12:27:28	Name: tuuid Value: 2a4772a9-449c-4bc5-b4f6-fabdb3945378
.adhigh.net/	1970-01-20 12:27:28	Name: gi_u Value: 0rTWCJUXMef.AikABlGBUH7q3A
.amazon-adsystem.com/	1970-01-22 00:00:07	Name: ad-privacy Value: 0
.adhigh.net/	1970-01-20 12:27:28	Name: btw_sync Value: jJb
.eqads.com/	1970-01-20 05:54:21	Name: EQUser Value: UID=d4ad61cb-4f32-4fbb-8b5e-b21907898878
.betweendigital.com/	1970-01-20 12:27:28	Name: ut Value: YqP3iAACHvgn5McGfruBoD5G_9RWnBtsqM3RPA==
.amazon-adsystem.com/	1970-01-20 08:35:38	Name: ad-id Value: AxruDqP3SUN8tcd8pFbYT1A
.casalemedia.com/	1970-01-20 12:27:28	Name: CMRUM3 Value: 2e62a3f78705a0&4962a3f78705a0&8262a3f787a8c0&2862a3f7882760d4ad61cb-4f32-4fbb-8b5e-b21907898878&2d62a3f7852760CAESECIeGHAGwCXtd5yoinXrAL0&e662a3f7872760&2762a3f7870b40&6f62a3f78705a0&f162a3f78705a0
.casalemedia.com/	1970-01-20 03:43:19	Name: CMST Value: YqP3hWKj94gA
.adscale.de/	1970-01-20 12:24:08	Name: uu Value: a060ff28fce848d6b49535fd93fb5066
.adscale.de/	1970-01-20 12:24:08	Name: cct Value: 1654912904356
.aidata.io/	1970-01-20 21:13:04	Name: __upin Value: 7TkCdWNES0p4TG6Rm30gFw
.aidata.io/	1970-01-20 21:13:04	Name: __upints Value: 1654912904
x01.aidata.io/	1970-01-20 03:41:52	Name: adsnpr Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: net::ERR_CONNECTION_RESET
security	error	URL: https://galt.hit.gemius.pl/xgemius.js(Line 591) Message: Mixed Content: The page at 'https://www.gismeteo.ua/' was loaded over HTTPS, but requested an insecure frame 'http://ls.hit.gemius.pl/lsget.html'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5a3b1ccce3d87bb7e3b6c7e50e884899.safeframe.googlesyndication.com
a4485.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
bbnaut.ibillboard.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cache.betweendigital.com
cdn.admixer.net
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
csync.loopme.me
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
galt.hit.gemius.pl
ghb.adtelligent.com
gismeteo.ua
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
ih.adscale.de
image6.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
js.adscale.de
lm.serving-sys.com
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
node.setupad.com
odr.mookie1.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prg.smartadserver.com
px.adhigh.net
rss-images.gismeteo.st
rtb.adxpremium.services
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.znctrack.net
s1.adform.net
secure-assets.rubiconproject.com
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.gismeteo.st
stats.g.doubleclick.net
stpd.cloud
sync.adtelligent.com
sync.bumlam.com
sync.console.adtarget.com.tr
sync.dmp.otm-r.com
sync.mathtag.com
sync3.adsniper.ru
sync3.sniperlog.ru
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
um2.eqads.com
www.gismeteo.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
x01.aidata.io
image6.pubmatic.com
pixel-eu.rubiconproject.com
rtb.adxpremium.services
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.mathtag.com
104.92.74.8
108.156.255.76
141.95.98.65
142.250.181.226
142.250.186.98
146.0.227.109
146.59.30.108
148.251.4.142
151.101.65.108
151.236.118.210
159.89.25.223
178.250.0.165
178.250.2.146
18.185.225.109
185.170.63.77
185.184.8.90
185.187.81.40
185.64.189.112
185.86.138.121
188.42.196.115
193.108.153.28
193.16.47.244
193.16.47.245
194.190.76.38
194.213.62.37
209.205.201.34
209.205.206.178
23.227.139.243
23.32.59.34
23.35.236.201
23.35.236.247
23.75.240.210
23.88.75.189
2600:9000:2156:f400:f:4f64:8940:93a1
2602:803:c003:200::51
2606:4700:20::ac43:44a2
2606:4700::6810:5614
2606:4700::6812:1f31
2a00:1288:80:807::2
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:811::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:2638::1c
2a02:2638::3
2a03:90c0:41:2801::254
2a05:d018:d29:3601:b5e2:da8a:f496:918a
2a06:98c1:3120::3
2a06:98c1:3121::3
3.122.149.33
3.66.201.109
31.172.81.158
31.172.81.160
31.172.81.172
34.98.64.218
34.98.67.61
35.156.193.10
35.71.131.137
37.157.2.234
37.157.2.237
37.157.3.29
37.157.5.73
37.252.172.250
37.252.172.37
52.210.200.111
52.45.92.187
52.46.130.91
52.94.223.37
67.202.105.32
69.173.144.138
69.173.144.165
79.137.68.143
89.108.119.43
0259acad7fd5fad1252f13f559fe60004413ac8b0745e8846ab7fcbe523e5f85
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081dfc4bb2b866c85e9abb8d6cb1a93b0120fb7f1be36eba0c54132750644cf3
0840939a7aadc5595d1f7eaefb743f743292f2f2c742d29f150fea594a16023a
0adb82bf68f122a2ba30c4b35f61b3556c959b8281e0aaab3946471e139e0dc0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bcdd418d545e6fcfbcb700691a6cd84b3c672c5244c7a582c38a35462142067
0c7d8bd180cefef2a0d8a7c0e4c1909fbd212e2b9befe0fa5431b95078feb218
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f1f1ca7b819de1e88294e28cc37c3ef251c723249652309b0aaf1f33ad71050
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130abfcf6a76e6eca3a26b5e28c9a3888f781b387f1c4738ab0050c62dc3f011
14512d8404fac68b6c89b8f939882a89f732eadce537eb90d419e8ba09097265
15f75e95a853154eea9b495b0a5b334e1f4831ddd982fa746c4d8cad7735cefe
1b8e86c39020b6424e9b4393a40dd67d7e25c648599209812c6659f5795574f1
1cf76ead90ab28cec81aca0a344ed0f33bfff2d3fe010308ea3650b30ba19d71
1f7c1b39c57d258542d3bd876e1213b92f0ad1aac344325811c52a5d8030b0f8
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
28afb0bf5088962ee2ab6ccd51361d8851bbe38b82cb49acc1c5730fcc25f033
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d406d4745472525da74efe07425fa1c73865f524dccf430f6c0f0e85f6f06b6
2d48083fb1497fd8a18c60cee6cc3d02a5d35400774750a32c88e3df45aa6fb0
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af
3a608b0e5c0fca9fbe7080712122a0a4d65c1bf8ddd87b2ad784ff1815407a53
3aa3c414fbf645280a571908c0eb8cc984c8a17b69dcb8f9c77946bdffe3a8a0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4369b15980aaca58f5fb5b597ffd801ee4399bf096222dd9e7317baaa341ab2a
43bdaee4d4968f586e2b0085ade4b3fe09fd1e24b6108c1043a1b25dbb513463
44ddfe47c24f85c7685fde50a5d96ed502207995c93ccfeb48ca90be51a2f208
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
4777b19432f00581f2b4f8aebbc246ea5f18431654306b697c49560ace61dd38
47cc855588f7599b8301e9783b76d5e3efe7cb9c69816443d9760e36032c99f1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49fcbe04a9b43d74d873fa309a5d2ef0ad8d9983997af589ec13b25cc4547794
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5026b01731e4adfd89a7941fe90121c186f82969ae7891dbfc8f349ffd1404d9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53a174b4bf00eb83e8211d8425b45e6785b1af25b1d7df7d731cafcb37dc580e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5637082446e898124f7be93c55dd05d9f3d22a925360ba3aece4a3ba3d844068
56ff33ff05a65a7275c4ecf0792cfd9010a6bfc139af4ca18fddc3f4674afc90
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5e25defae7fae40a5001f3f1cf51f59d60e90ba20c6c1de92148f18cecf38908
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ef9e4a353c5adea27356c57a75527bd31dfaddb0cdaa334dd546f8bacac7fb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48
6432ec4ed5666c89f540968f6fe64c4d21a82a976b9008d64a64b335c781b68b
65510155fba43504911909ebd5a89b33097335878ff825b6fd565d61a4688404
66a1502ca399e6dbf1137cb1fd1b3ad81f5b0299a131aac50ec5a3184b4b35d4
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69203082f1a1c36dc4a1668c84a1e46b9f660839dd6d4af9e96f48c6d8c0fdaa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e7bced10d89dcc8b4150eb433c2aa48b508162514cd3ed761e9b716bd70b4ad
6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701
730d271d9ae68129232e08123e4eefc1bf66b3fbaff3c4076c1a5a335a46c729
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75d19b9bf5745d06ab4472468c07fd174802282448222f92bee9d8cc0319116b
762ce98246d4677073afda507d0985bf2c632b8c423aa07252f9956e345cfe9d
76b6661092ca66a0cc4230366f357e1ba5d50a4427ba0b91712c5acffdaa3581
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
80f5bc2774d1d61a7eb2681f9ffb6897707d8a2b569924f1bc84910d0bfcb8e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854ef43275c0fd1a200013e4a91def930c59ba2d7b68f0f658f46ae0775a6466
85aa920fdc68e2aad3bee0699236416df3d0f0da7b2bcec7f783edf60b536c12
86017a4a56067ae8c621a557302d2c8200327820464f98f579f9fc840740298d
87fc01f413af52173fec76fe811c4bd311892b0edcdd647140ba24a43d8b9639
894aa20536ae6e99f77b8ea596211dc5a629e23fc3bd25be898f78612e245abc
89673d78755b341ffdcbed35fabefb9218cf5658710f5f4300ccd2c3b1f9e8a4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
966c8ac33a575ef8952fef62d9d12717c85a53bffa0958ab6e4f56c7430bb5b0
9dba6309ce6bbff36d5dc87f9d818edcee140b8708093b08f0b0d801121133de
9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec
9fb3268d5184502c0c4f6c47eeb83d3d50126b7c158bec030879729456fcea90
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fee9c0614404bca888b228f7bdcf0a7edf71b9483673adf186b8d5dcc0e617
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56c205b17f172e198b8ecda86282e8e29a86d88d02a39ac120f527fc71bcd17
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2074b177a160ab4cf6097cbc5af280481dd65c6c6e83501896e3482622e6fe4
b24620ee5ffb440f6f10cd17f6314de40f563becdd4f41c1cc230e0e1a270fb7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2457b3259b6125151889823525019f87046a456ae572910cc549e5c8172facd
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c8735027e366b7837606564a38c5672a7fada0e7351ec677406ab22ce622903b
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
cb12e326d800b4d87d4e221c31dc81af6cbfd3c9ee7b2c43d2e4fd866f8145f2
cd3901ec47f7973dde7eb9ff3cae27bd49cf8a3ee751db2af0d1a49a7e239cda
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
cf2ddf0b707f96f55ecd8a893547440aff185b57ca3bac3d1800d8a390f7ac0b
cf7347d769f2eaa66b188bdea69e3de440e289d51769d5b0af2c08640d45b80d
d251ff039a6ddff782691e1cd9e220a27ffb95d6637d9d906c4306719e0a8c7b
d53c3aa6ad29e04a72af2cb84bd6cd333303370f4e1a5472daee7e3f7fb2f328
dbc307aa3e225df03684f4165f82daf6bd5d5a697402052d65ae754540d87224
dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de14e284bfe666d469dbc161975bcba1fe0ebe2d5f36b236914e9c8292a8541b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df94b012428d4a6fdae47f60cf86ffc6eb3e3d115ba5a3e71a287f78b35074db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed98eb226484ada005003472dd1de115845db8f1aa403bce45174adab2ee6119
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bb45c44d512c7fc2f764e3fc9429ed4a3427ae4ceba988d43b5577e2a4ab68
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f840622694f44980f94696f8284f80d0b56d509d4a4b53a9205ea0140d0858a3
f9701ea9823984971e8e797cefc7dd5d54525ffd7611551180dd23b28f11cdd7
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08
fbf18cea4cd1954566d16d7881a0d5da3df500f2a1a17c8a2261736897df3ad0
fc706da7708489e7e72f770c368ad6b362f7b8be58eb221699df21b97eb8fb80
fe2afd17237c8eaeaa6ca240c0af8fcf7464920edcfac8816589ea92322fc31a

www.gismeteo.ua Open in urlscan Pro 193.16.47.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

84 %HTTPS

28 %IPv6

51 Domains

90 Subdomains

69 IPs

14 Countries

1478 kBTransfer

4342 kBSize

59 Cookies

10 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gismeteo.ua Open in urlscan Pro
193.16.47.244 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

84 %
HTTPS

28 %
IPv6

51
Domains

90
Subdomains

69
IPs

14
Countries

1478 kB
Transfer

4342 kB
Size

59
Cookies

199 HTTP transactions
5 data transactions