www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukr.net/
Effective URL:
https://www.ukr.net/
Submission: On August 22 via manual (August 22nd 2023, 6:19:20 pm UTC) from UA — Scanned from DE

Summary HTTP 196 Redirects Links 286 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 35 domains to perform 196 HTTP transactions. The main IP is 104.18.8.128, located in and belongs to CLOUDFLARENET, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 184831.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 7th 2023. Valid for: a year.

This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.9.128 104.18.9.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	104.18.8.128 104.18.8.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700::68... 2606:4700::6812:509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 8	212.42.75.253 212.42.75.253	8856 (UKRNET Kiev) (UKRNET Kiev)
2 2	212.42.75.249 212.42.75.249	8856 (UKRNET Kiev) (UKRNET Kiev)
4	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
1 2	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.42.73.60 212.42.73.60	8856 (UKRNET Kiev) (UKRNET Kiev)
1	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	212.42.76.151 212.42.76.151	8856 (UKRNET Kiev) (UKRNET Kiev)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
5	62.149.23.112 62.149.23.112	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	185.239.172.77 185.239.172.77	55081 (24SHELLS) (24SHELLS)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	44.205.87.2 44.205.87.2	14618 (AMAZON-AES) (AMAZON-AES)
22	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
3 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
3	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	3.9.45.49 3.9.45.49	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1	108.157.4.70 108.157.4.70	16509 (AMAZON-02) (AMAZON-02)
1	18.154.63.54 18.154.63.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	35.178.127.134 35.178.127.134	16509 (AMAZON-02) (AMAZON-02)
196	53

1 104.18.9.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.8.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zakladki.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6812:509 (United States)

ASN13335 (CLOUDFLARENET, US)

upst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.75.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com

accounts.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.75.249 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com

mail.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com

pinformer.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.149.23.112 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc86365-06.cc.colocall.com

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.239.172.77 (United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.87.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-87-2.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (Grosse Pointe, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Sindelfingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (Valence, France) 3 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.45.49 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-45-49.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-70.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-54.dus51.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.178.127.134 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-127-134.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	440 KB
27	fwdcdn.com upst.fwdcdn.com — Cisco Umbrella Rank: 233927	397 KB
26	ukr.net 5 redirects ukr.net — Cisco Umbrella Rank: 73759 www.ukr.net — Cisco Umbrella Rank: 184831 zakladki.ukr.net accounts.ukr.net — Cisco Umbrella Rank: 202820 mail.ukr.net — Cisco Umbrella Rank: 132776 counter.ukr.net — Cisco Umbrella Rank: 166558	155 KB
20	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	437 KB
19	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 stats.g.doubleclick.net — Cisco Umbrella Rank: 122 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 ad.doubleclick.net — Cisco Umbrella Rank: 187 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 179726	215 KB
10	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 7601 ghb.adtelligent.com — Cisco Umbrella Rank: 6604 sync.adtelligent.com — Cisco Umbrella Rank: 3639	197 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 40248 hal900021.redintelligence.net — Cisco Umbrella Rank: 405840	58 KB
8	sinoptik.ua pinformer.sinoptik.ua — Cisco Umbrella Rank: 201962	46 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	4 KB
5	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2706 www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 126	2 KB
4	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 44946	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	3 KB
4	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 42082	8 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	279 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 27613 api.webgains.io — Cisco Umbrella Rank: 58267	18 KB
3	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44216	1 KB
3	gstatic.com fonts.gstatic.com	63 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 2338	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	2 KB
2	trafmag.com trafmag.com — Cisco Umbrella Rank: 41978 t.trafmag.com — Cisco Umbrella Rank: 53220	4 KB
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 12611	1 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 53672	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 74227	437 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 43802	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 199945	931 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	57 KB
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 4053
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 864	277 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 710	13 KB
1	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 229283	450 B
1	google.de www.google.de — Cisco Umbrella Rank: 5345	408 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 613339	169 B
1	mgid.com servicer.mgid.com — Cisco Umbrella Rank: 8282	3 KB
1	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 298450	712 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1212	7 KB
196	35

	Domain	Requested by
27	upst.fwdcdn.com	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com cdn.ampproject.org www.ukr.net ad.doubleclick.net
20	cdn.ampproject.org	413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.ukr.net pagead2.googlesyndication.com 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
8	pinformer.sinoptik.ua	www.ukr.net pinformer.sinoptik.ua
8	accounts.ukr.net	1 redirects upst.fwdcdn.com www.ukr.net accounts.ukr.net
8	securepubads.g.doubleclick.net	www.ukr.net securepubads.g.doubleclick.net 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
8	www.ukr.net	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua static.cloudflareinsights.com
6	413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
4	pv.medialead.de	3 redirects hal900021.redintelligence.net
4	hal900021.redintelligence.net	1 redirects 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com hal900021.redintelligence.net
4	hal9000.redintelligence.net	413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com hal900021.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	counter.ukr.net	www.ukr.net counter.ukr.net
4	go.rcvlink.com	www.ukr.net go.rcvlink.com
4	www.googletagmanager.com	www.ukr.net www.googletagmanager.com adv.office-partner.de
3	pb.media01.eu	hal900021.redintelligence.net 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com www.ukr.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
2	fonts.googleapis.com	413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com hal900021.redintelligence.net
2	sync.adtelligent.com	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	a4p.adpartner.pro	1 redirects upst.fwdcdn.com
2	mail.ukr.net	2 redirects
2	player.adtcdn.com	www.ukr.net
2	zakladki.ukr.net	www.ukr.net
2	ukr.net	2 redirects
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
1	adv.office-partner.de	hal900021.redintelligence.net
1	ad.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagservices.com	www.ukr.net
1	cookies.nextmillmedia.com
1	t.trafmag.com
1	ap.lijit.com
1	mug.criteo.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	s.znctrack.net	www.ukr.net
1	www.google.de	www.ukr.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	loadercdn.net	www.ukr.net
1	servicer.mgid.com	upst.fwdcdn.com
1	trafmag.com	upst.fwdcdn.com
1	m.mixadvert.com	upst.fwdcdn.com
1	static.cloudflareinsights.com	www.ukr.net
196	55

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
rozetka.com.ua
proizd.ua
robota.ua
rst.ua
avtoprod.ua
avtosale.ua
osago.avtosale.ua
goroshina.ua
www.otpusk.ua
www.accordtour.com
gorod-plitki.com.ua
dom.ria.com
lun.ua
flatfy.ua
casada.ua
healthyway.com.ua
med-magazin.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
budpolimer.com
goodmax.com.ua
luxchrono.com.ua
artpotolok.kiev.ua
lascala.ua
work.ua
optima.school
layboard.com
grc.ua
optima.study
cutt.ly
buketland.com.ua
flowers.ua
hvosting.ua
nic.ua
rx-name.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
mixadvert.com
m.mixadvert.com
kinoafisha.ua
censor.net
www.unn.com.ua
www.slovoidilo.ua
sprotyv.info
focus.ua
zn.ua
bukvy.org
www.pravda.com.ua
armyinform.com.ua
nv.ua
espreso.tv
ua.news
banki.ua
thepage.ua
ukrayina.pl
enovosty.com
delo.ua
crimezone.in.ua
uatv.ua
donpatriot.news
sud.ua
kyiv.ukrainianwall.com
hromadske.ua
kyivschina24.com
meta.ua
bigkyiv.com.ua
mykyivregion.com.ua
dw.com
ilenta.com
mediasat.info
nnews.com.ua
newsyou.info
cikavosti.com
portaltele.com.ua
www.obozrevatel.com
www.autocentre.ua
www.rbc.ua
www.ua-football.com
ua.tribuna.com
betauth.com
lady.kyiv.ua
zdorovia.com.ua
mysugar.media
glamour.kyiv.ua
womanlife.kyiv.ua
noviydoctor.com
storinka.com.ua
hochu.ua
novyny.live
charter97.org
progroshi.news
newssky.com.ua
zhenskiy.kyiv.ua
telegraf.com.ua
kriminal.tv
v-variant.com.ua
ua-novosti.info
beautytips.kyiv.ua
useti.org.ua
life-ukr.uaportal.com
food.obozrevatel.com
pixelinform.com
recepty.znaj.ua
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
autoshini.com
transshina.com.ua
ukrguma.com.ua
kiaparts.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
www.aks.ua
sotnyk.net
helplist.io
www.facebook.com
dovidka.info
savelife.in.ua
shelter.dopomagai.org
bank.gov.ua
sprotyv.mod.gov.ua
klubnatura.pl
life.pravda.com.ua
www.immobilienscout24.de
chytomo.com
zib.com.ua
www.bamf.de
www.ukrainetakeshelter.com
vogue.ua
life.nv.ua
t.me
upst.fwdcdn.com
trafmag.com
mgid.com
clck.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net

Subject Issuer	Validity	Valid
ukr.net Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
fwdcdn.com Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
adtcdn.com GTS CA 1P5	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.ukr.net Thawte TLS RSA CA G1	`2023-04-29` - `2024-03-29`	a year	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2022-09-25` - `2023-10-01`	a year	crt.sh
adpartner.pro R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
m.mixadvert.com R3	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-13` - `2024-06-13`	a year	crt.sh
loadercdn.net R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
player.adtelligent.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-31` - `2023-09-05`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.ukr.net/
Frame ID: 13F9104D34F24AFE465FB29D82B5803A
Requests: 72 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 1406C1C15014BFB4D02E4B5745D1FBBE
Requests: 6 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 7485B0B0D176AFA1633E489AA1374FB4
Requests: 4 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
Frame ID: 82703179F995AEBCADADA6C59C010892
Requests: 12 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: E4A021694979C2587ECCBD63FA7074EE
Requests: 1 HTTP requests in this frame

Frame: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BDF83C0C3503FB20AFC6965B5D4ACB86
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Frame ID: 98C87883FF027EBF488C0974F104F6A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 051D97D8F319674172B705648D3B28D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B651BDA3D2974B983528285127D3128
Requests: 2 HTTP requests in this frame

Frame: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 660E5FC03263C65999B417E6DA9550FF
Requests: 13 HTTP requests in this frame

Frame: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90275DD6F1B073B7F54733A36DADB9D4
Requests: 16 HTTP requests in this frame

Frame: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 320599FE8132D76597B1103088F0EC44
Requests: 12 HTTP requests in this frame

Frame: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 792016ED0A2C5CAF941CA490874D695B
Requests: 15 HTTP requests in this frame

Frame: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A0D8EFA29A3E99B4001912EEC8A8305
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUMF12MtoErq8rQEEfxkrwKpSCCip4N1vTPd1pDAMlVZfZMqujW8IMSuX8d8HlXS0oiQZTcewznYsQ1RwfZWayHnqArM4AtzwB9yHEfYvAZhako4eMoUxuxmhECOC4l7M1HlsgS6lHf6SZGjs4jXkEnjRoa3NS4JZlBEzTLYLWI5UTfILY
Frame ID: DC1895ADB9E7ECBF4D6C4F23D5748749
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 85C595106927E27EB28CE04F6B5F7CBA
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B4147CE567A10E2DC70D6D726EB9856C
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 3E2836338CEA0B3392EEC75F32AF3ACE
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4fc24e7656cda16a8cdaf&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: DD577A7B768E3021A9E45C1138E20589
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8797CB0FEF7501ABE2104DF18A70B52A
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312
Frame ID: 86E51FB8DE4779A8C78EEE942FBFC1BF
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946
Frame ID: C5865BB923D0547DEC5A97B9F055FA63
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

196
Requests

94 %
HTTPS

41 %
IPv6

35
Domains

55
Subdomains

53
IPs

10
Countries

2408 kB
Transfer

6817 kB
Size

42
Cookies

286 Outgoing links

These are links going to different origins than the main page.

URL: http://ua.sinoptik.ua/?utm_source=ukr.net&utm_medium=main_page&utm_campaign=main_izbrannoe
Title: Sinoptik

Search URL Search Domain Scan URL

URL: http://orakul.com/
Title: Оракул

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=375206
Title: Booking

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukr_net_main&utm_medium=banner_logo&utm_campaign=logo_main
Title: Rozetka

Search URL Search Domain Scan URL

URL: https://proizd.ua/
Title: Proizd.ua

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpm&utm_campaign=logo
Title: Robota.ua

Search URL Search Domain Scan URL

URL: http://rst.ua/
Title: Машини продають на сайтi RST

Search URL Search Domain Scan URL

URL: https://avtoprod.ua/
Title: Продати авто на AVTOPROD.ua

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/
Title: Avtosale - автосалони України

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/insurance/osago
Title: Кращі ціни на автоцивілку

Search URL Search Domain Scan URL

URL: https://goroshina.ua/
Title: Шинний центр ГороШина

Search URL Search Domain Scan URL

URL: http://www.otpusk.ua/?utm_source=ukr.net&utm_medium=cpc&utm_content=general&utm_campaign=ukr.net
Title: 100% турів на Otpusk.ua

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/avtobusni_tury_plyazh_i_more
Title: Тури на море, відпочинок

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=338493
Title: Booking - бронювання житла

Search URL Search Domain Scan URL

URL: https://gorod-plitki.com.ua/ua/
Title: Магазин "Місто плитки" м. Київ

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/novostroyki/?withoutHeader=1&utm_source=ukrnet&utm_medium=clikukrnet_newbuilds&utm_campaign=newbuildings&r_audience=partners_buyers&r_source=ukr.net&r_medium=link&r_campaign=clikukrnet
Title: DOM.RIA - новобудови України

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН - Всі новобудови

Search URL Search Domain Scan URL

URL: https://flatfy.ua/
Title: FLATFY - Квартири шукай

Search URL Search Domain Scan URL

URL: https://casada.ua/massazhnye-kresla-uk
Title: Масажні крісла Casada

Search URL Search Domain Scan URL

URL: http://healthyway.com.ua/uk/yak-zmicniti-imunitet-2/
Title: Як зміцнити імунітет

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmedtovary
Title: Медичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3idlh7f
Title: Ортопедичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3nKOLeo
Title: Пульсоксиметри

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmainpage&utm_campaign=medmag
Title: Товари для здоров'я

Search URL Search Domain Scan URL

URL: http://doctoronline.care/
Title: Безкоштовні консультації лікарів

Search URL Search Domain Scan URL

URL: https://viveohealth.com/
Title: Онлайн консультації лікарів

Search URL Search Domain Scan URL

URL: https://teplo.app/
Title: Допомога психологів

Search URL Search Domain Scan URL

URL: https://budpolimer.com/?utm_source=ukr.net
Title: Господарські товари

Search URL Search Domain Scan URL

URL: https://goodmax.com.ua/uk/catalog/87-schetchiki-dlya-vody
Title: Лічильники води Goodmax

Search URL Search Domain Scan URL

URL: http://luxchrono.com.ua/
Title: Годинники і прикраси Люксхроно

Search URL Search Domain Scan URL

URL: https://artpotolok.kiev.ua/raschet-stoimosti/
Title: Стелі Art Decor

Search URL Search Domain Scan URL

URL: http://lascala.ua/index.php?utm_source=ukr_netdom&utm_medium=link&utm_campaign=ukr_netdom
Title: Постільна білизна 1+1=3

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=rozetka
Title: Магазин електронiки

Search URL Search Domain Scan URL

URL: http://work.ua/?utm_source=ukr.net&utm_medium=advert&utm_campaign=main_rabota
Title: WORK.ua – №1 в Україні

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpc&utm_campaign=link
Title: ROBOTA.ua - перевірені вакансії

Search URL Search Domain Scan URL

URL: https://optima.school/?utm_source=ukrnetLink&utm_medium=cpm&utm_campaign=workgr&utm_term=ukrnetLink
Title: Дистанційна освіта 1-11 клас

Search URL Search Domain Scan URL

URL: https://layboard.com/ua
Title: Робота за кордоном - Layboard

Search URL Search Domain Scan URL

URL: http://grc.ua/?utm_source=ukrnet&utm_medium=link&utm_campaign=main_page
Title: GRC.ua-робота професіоналам

Search URL Search Domain Scan URL

URL: https://optima.study/
Title: Курси для дітей і дорослих

Search URL Search Domain Scan URL

URL: https://cutt.ly/1B0Kz3E
Title: Курси програмування

Search URL Search Domain Scan URL

URL: https://buketland.com.ua/
Title: Квіти - BuketLand

Search URL Search Domain Scan URL

URL: http://flowers.ua/
Title: Flowers-доставка квiтів

Search URL Search Domain Scan URL

URL: https://orakul.com/num/
Title: Нумерологічний прогнози

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/vsi_avtobusni_tury
Title: Автобусні тури в Європу

Search URL Search Domain Scan URL

URL: http://hvosting.ua/
Title: Домени і Хостинг Hvosting.ua

Search URL Search Domain Scan URL

URL: http://nic.ua/
Title: NIC.ua - домени і хостинг

Search URL Search Domain Scan URL

URL: https://rx-name.ua/domains/tld/com.ua
Title: Домен com.ua 250 ₴ rx-name

Search URL Search Domain Scan URL

URL: http://internetua.com/
Title: СМИ - InternetUA

Search URL Search Domain Scan URL

URL: https://sport.ua/football?utm_source=ukrnet-mainpage&utm_medium=ukrnet-link
Title: Футбол на Спорт.ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/
Title: Великий теніс України

Search URL Search Domain Scan URL

URL: http://rada.gov.ua/
Title: Верховна Рада України

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/
Title: Президент України

Search URL Search Domain Scan URL

URL: https://court.gov.ua/
Title: Прес-центр судової влади

Search URL Search Domain Scan URL

URL: https://www.kmu.gov.ua/
Title: Кабінет Міністрів України

Search URL Search Domain Scan URL

URL: http://www.bank.gov.ua/
Title: Нацбанк

Search URL Search Domain Scan URL

URL: http://igov.org.ua/
Title: iGov - портал державних послуг

Search URL Search Domain Scan URL

URL: https://covid19.com.ua/
Title: Відомості про коронавірус

Search URL Search Domain Scan URL

URL: https://adp.digital/ap-landings/2/publisher.php?utm_source=own_promo&utm_medium=unit&utm_campaign=adpartner

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6513/3223717/c2eb1c13-301b-4c48-9266-6b530df10703?data=eyJjcmVhdGVkX2F0IjoxNjkyNzI4MzUyLCJzaG93X2lkIjoiYzJlYjFjMTMtMzAxYi00YzQ4LTkyNjYtNmI1MzBkZjEwNzAzIiwiYWRfdW5pdF9pZCI6NjUxMywicnVsZV9pZCI6MCwiYWRfaWQiOjMyMjM3MTcsImRhdGFfc291cmNlIjoiYXBwLWhiLXBsLTIxOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImJmNDllYzEzLTJiNGEtNGY2ZC1iMTY4LTU3ZjNmYjg3ZDM2YyIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=475f53e04529cc4e89e6daf6eed0d640

Search URL Search Domain Scan URL

URL: https://mixadvert.com/

Search URL Search Domain Scan URL

URL: https://m.mixadvert.com/go/?h=f3e72cae116ee836d602b5360430c173&t=444319&b=1559

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/zal-zn-meteliki?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%96%D0%B5%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5+%D0%B1%D0%B0%D0%B1%D0%BE%D1%87%D0%BA%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/yak-stati-krutelikom?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%B0%D0%BA+%D1%81%D1%82%D0%B0%D1%82%D1%8C+%D0%BA%D1%80%D1%83%D1%82%D1%8B%D0%BC
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/gran-turizmo?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%93%D1%80%D0%B0%D0%BD+%D0%A2%D1%83%D1%80%D0%B8%D0%B7%D0%BC%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/oppengeimer?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D0%BF%D0%BF%D0%B5%D0%BD%D0%B3%D0%B5%D0%B9%D0%BC%D0%B5%D1%80
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/spider-man-across-the-spider-verse-part-one?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A7%D0%B5%D0%BB%D0%BE%D0%B2%D0%B5%D0%BA-%D0%BF%D0%B0%D1%83%D0%BA%3A+%D1%81%D0%BA%D0%B2%D0%BE%D0%B7%D1%8C+%D0%B2%D1%81%D0%B5%D0%BB%D0%B5%D0%BD%D0%BD%D1%83%D1%8E
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/missiya-nevpolnima-smertelnaya-rasplata-cast-1?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%81%D1%81%D0%B8%D1%8F+%D0%BD%D0%B5%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BC%D0%B0%3A+%D0%A0%D0%B0%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%B0.+%D0%A7%D0%B0%D1%81%D1%82%D1%8C+1
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/indiana-djons-5?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BD%D0%B4%D0%B8%D0%B0%D0%BD%D0%B0+%D0%94%D0%B6%D0%BE%D0%BD%D1%81+%D0%B8+%D1%80%D0%B5%D0%BB%D0%B8%D0%BA%D0%B2%D0%B8%D1%8F+%D1%81%D1%83%D0%B4%D1%8C%D0%B1%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/straji-galaktiki-3?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%82%D1%80%D0%B0%D0%B6%D0%B8+%D0%93%D0%B0%D0%BB%D0%B0%D0%BA%D1%82%D0%B8%D0%BA%D0%B8+3
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/barbi?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D0%B0%D1%80%D0%B1%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/narecsenii-z-all-inclusive?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9D%D0%B0%D1%80%D0%B5%D1%87%D0%B5%D0%BD%D0%B8%D0%B9+%D0%B7+all+inclusive
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/meg-2?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B5%D0%B3+2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/slabacska?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%BB%D0%B0%D0%B1%D0%B0%D1%87%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/p-dl-tki-mutanti-cerepashki-n-ndzya-pogrom-mutant-v?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%B8+-+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D1%8B+%D0%A7%D0%B5%D1%80%D0%B5%D0%BF%D0%B0%D1%88%D0%BA%D0%B8-%D0%BD%D0%B8%D0%BD%D0%B4%D0%B7%D1%8F%3A+%D0%9F%D0%BE%D0%B3%D1%80%D0%BE%D0%BC+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D0%BE%D0%B2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/stihii?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%82%D0%B8%D1%85%D0%B8%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pacya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D1%80%D0%BE%D1%81%D0%B5%D0%BD%D0%BE%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pobacsennya-na-vener?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B2%D0%B8%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5+%D0%BD%D0%B0+%D0%92%D0%B5%D0%BD%D0%B5%D1%80%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kudlat-perc?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9B%D0%BE%D1%85%D0%BC%D0%B0%D1%82%D1%8B%D0%B5+%D0%BF%D0%B5%D1%80%D1%86%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/cverh-estestvennoe?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B2%D0%B5%D1%80%D1%85%D1%8A%D0%B5%D1%81%D1%82%D0%B5%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mavka-lesnaya-pesnya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D0%B2%D0%BA%D0%B0.+%D0%9B%D0%B5%D1%81%D0%BD%D0%B0%D1%8F+%D0%BF%D0%B5%D1%81%D0%BD%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/korol-repu?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%BE%D1%80%D0%BE%D0%BB%D0%B8+%D1%80%D1%8D%D0%BF%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/m-s-ya-na-dvoh?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%81%D1%81%D0%B8%D1%8F+%D0%BD%D0%B0+%D0%B4%D0%B2%D0%BE%D0%B8%D1%85
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/sinii-juk?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B8%D0%BD%D0%B8%D0%B9+%D0%B6%D1%83%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/govori-do-mene?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%93%D0%BE%D0%B2%D0%BE%D1%80%D0%B8+%D1%81%D0%BE+%D0%BC%D0%BD%D0%BE%D0%B9
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/maetok-z-prividami?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BC%D0%B5%D0%BD%D0%B8%D0%B5+%D1%81+%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%D0%BC%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/veresen?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%B5%D1%80%D0%B5%D1%81%D0%B5%D0%BD%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: http://avtosale.ua/?utm_source=ukr.net&utm_medium=Logo&utm_campaign=informers

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=2237&utm_source=ukr.net&utm_medium=Ford_Kuga&utm_campaign=informers&CarCommercial=2
Title: 1 169 845 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=32971&utm_source=ukr.net&utm_medium=Ford_Tourneo_custom&utm_campaign=informers&CarCommercial=2
Title: 2 068 853 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=16977&utm_source=ukr.net&utm_medium=Renault_Duster&utm_campaign=informers&CarCommercial=2
Title: 658 700 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5201&utm_source=ukr.net&utm_medium=Renault_Koleos&utm_campaign=informers&CarCommercial=2
Title: 751 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=954&utm_source=ukr.net&utm_medium=Hyundai_I10&utm_campaign=informers&CarCommercial=2
Title: 377 300 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=32630&utm_source=ukr.net&utm_medium=Renault_Sandero_stepway&utm_campaign=informers&CarCommercial=2
Title: 437 100 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=936&utm_source=ukr.net&utm_medium=Hyundai_Santa_fe&utm_campaign=informers&CarCommercial=2
Title: 1 265 900 грн

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3439055/tsogo_tyjnya_magate_zafiksuvalo_vybuhy_ta_strilyanynu_poblyzu_zaporizkoyi_aes
Title: Цього тижня МАГАТЕ зафіксувало вибухи та стрілянину поблизу Запорізької АЕС

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/2042930-litaki-dlya-ukrayini-budut-dodatkova-bronetekhnika-bude-zelenskiy-pidbiv-pidsumki-vizitu-do-krayin-yevropi
Title: Літаки для України будуть, додаткова бронетехніка буде: Зеленський підбив підсумки візиту до країн Європи

Search URL Search Domain Scan URL

URL: https://www.slovoidilo.ua/2023/08/22/novyna/bezpeka/zvedennya-henshtabu-zsu-vidbyly-vsi-ataky-voroha-nastupayut-odnomu-napryamku
Title: Зведення Генштабу: ЗСУ відбили всі атаки ворога і наступають на одному напрямку

Search URL Search Domain Scan URL

URL: https://sprotyv.info/news/u-krivomu-rozi-vnaslidok-rosijskogo-udaru-poshkodzheno-desyatki-budinkiv/
Title: У Кривому Розі внаслідок російського удару пошкоджено десятки будинків

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/voennye-novosti/587519-u-minoboroni-rf-zayavili-pro-znishennya-ukrayinskogo-katera-bilya-zmiyinogo-reakciya-vms-video
Title: У Міноборони РФ заявили про знищення українського катера біля Зміїного: реакція ВМС (відео)

Search URL Search Domain Scan URL

URL: https://zn.ua/ukr/war/rosijani-topljat-poromi-bilja-krimskoho-mostu-hur.html
Title: Росіяни топлять пороми біля Кримського мосту – ГУР

Search URL Search Domain Scan URL

URL: https://censor.net/ua/video_news/3439051/skyd_odniyeyi_granaty_znyschyv_bmp_i_sklad_min_okupantiv_video
Title: Скид однієї гранати знищив БМП і склад мін окупантів. ВIДЕО

Search URL Search Domain Scan URL

URL: https://bukvy.org/rosiyany-utrymuyut-v-azovskomu-mori-nosiya-kalibriv-vms-zsu/
Title: Росіяни утримують в Азовському морі носія «Калібрів» – ВМС ЗСУ

Search URL Search Domain Scan URL

URL: https://www.pravda.com.ua/news/2023/08/22/7416667/
Title: Україна погодилась на "гібридний трибунал" для Росії, але зі змінами

Search URL Search Domain Scan URL

URL: https://bukvy.org/administracziya-bajdena-vpevnena-shho-kongres-uhvalyt-dodatkove-finansuvannya-dlya-ukrayiny-sallivan/
Title: Адміністрація Байдена впевнена, що Конгрес ухвалить додаткове фінансування для України – Салліван

Search URL Search Domain Scan URL

URL: https://armyinform.com.ua/2023/08/22/oleksij-reznikov-podyakuvav-korolivstvu-niderlandiv-za-pidtrymku/
Title: Олексій Резніков подякував Королівству Нідерландів за підтримку

Search URL Search Domain Scan URL

URL: https://nv.ua/ukr/world/geopolitics/genocid-v-ukrajini-sud-gaagi-u-veresni-zasluhaye-zaperechennya-rosiji-ostanni-novini-50348215.html
Title: Суд Гааги у вересні заслухає Росію у справі про геноцид українців

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3439059/tsvk_zareyestruvala_tararina_narodnym_deputatom_vid_slugy_narodu_zamist_holodova
Title: ЦВК зареєструвала Тараріна народним депутатом від "Слуги народу" замість Холодова

Search URL Search Domain Scan URL

URL: https://bukvy.org/do-100-tysyach-grn-uryad-kompensuvatyme-praczedavczyam-vytraty-na-oblashtuvannya-robochyh-miscz-dlya-osib-z-invalidnistyu/
Title: До 100 тисяч грн: уряд компенсуватиме працедавцям витрати на облаштування робочих місць для осіб з інвалідністю

Search URL Search Domain Scan URL

URL: https://espreso.tv/putin-u-zvernenni-do-uchasnikiv-samitu-briks-zayaviv-shcho-rf-gotova-povernutisya-do-zernovoi-ugodi
Title: Путін у зверненні до учасників саміту БРІКС заявив, що РФ готова повернутися до "зернової угоди"

Search URL Search Domain Scan URL

URL: https://ua.news/ua/money/neft-prodolzhaet-oslabevat-chto-obrushyvaet-myrovye-tseny
Title: Нафта продовжує слабшати: що обвалює світові ціни

Search URL Search Domain Scan URL

URL: https://banki.ua/articles/stavky-za-mikrokredytamy-v-ukrayini-hochut-obmezhyty-rivnem-1-na-den-proyekt-zakonu
Title: Ставки за мікрокредитами в Україні хочуть обмежити рівнем 1% на день: проєкт закону

Search URL Search Domain Scan URL

URL: https://thepage.ua/ua/news/opalyuvalnij-sezon-2023-2024-yakimi-budut-tarifi-na-teplo-dlya-ukrayinciv
Title: Тарифи на тепло для українців залишаться незмінними

Search URL Search Domain Scan URL

URL: https://ukrayina.pl/ukrayina/7,183471,30106903,1053-1072-1047-1072-1082-1072-1088-1087-1072-1090-1090-1110.html
Title: На Закарпатті директор надсилав ЗСУ браковані бронежилети. Спеціально завищив ціни

Search URL Search Domain Scan URL

URL: https://internetua.com/u-vinnici-viiskkom-za-habar-rozdavav-povistki-sxob-csolovikiv-ne-mobilizuvali-yak-pracuavala-shema
Title: У Вінниці військком за хабар роздавав "повістки", щоб чоловіків не мобілізували: як працювала схема

Search URL Search Domain Scan URL

URL: https://enovosty.com/uk/news-ukr/news_abroad-ukr/full/2208-u-polshhi-futbolni-ultras-pobili-ta-pograbuvali-ukrainciv
Title: У Польщі футбольні ультрас побили та пограбували українців

Search URL Search Domain Scan URL

URL: https://delo.ua/society/v-izmayili-z-kapitaniv-suden-vimagali-xabari-zaarestovano-nacalnika-viddilu-prikordonnoyi-sluzbi-z-pidleglim-foto-422891/
Title: В Ізмаїлі з капітанів суден вимагали хабарі: заарештовано начальника відділу прикордонної служби з підлеглим (ФОТО)

Search URL Search Domain Scan URL

URL: https://crimezone.in.ua/dtp/18146-na-lvivschini-legkovik-vletiv-u-derevo-na-shalenij-shvidkosti-foto.html
Title: На Львівщині легковик влетів у дерево на шаленій швидкості (ФОТО)

Search URL Search Domain Scan URL

URL: https://uatv.ua/uk/vyklyuchyty-rosiyu-z-yunesko-malorealno-pokladaty-na-tse-nadiyi-ne-varto-shamshur/
Title: Виключити Росію з ЮНЕСКО малореально, покладати на це надії не варто, — Шамшур

Search URL Search Domain Scan URL

URL: https://donpatriot.news/article/nazvano-naynebezpechnishi-yevropeyski-mista
Title: Названо найнебезпечніші європейські міста

Search URL Search Domain Scan URL

URL: https://sud.ua/uk/news/abroad/278877-ukraintsy-buduchi-v-polshe-ne-smogut-poluchit-polskuyu-vizu
Title: Українці, перебуваючи у Польщі, не зможуть отримати польську візу

Search URL Search Domain Scan URL

URL: https://kyiv.ukrainianwall.com/uk/106743-zharu-zminyat-grozi-sinoptik-didenko-dala-prognoz-pogodi-na-seredu
Title: Синоптик Діденко розповіла, якою буде погода 23 серпня

Search URL Search Domain Scan URL

URL: https://hromadske.ua/posts/v-ukrayini-zmenshili-kilkist-dokumentiv-dlya-otrimannya-statusu-uchasnika-bojovih-dij
Title: В Україні зменшили кількість документів для отримання статусу учасника бойових дій

Search URL Search Domain Scan URL

URL: https://internetua.com/u-kiyevi-viplacsuuat-koshti-sim-yam-zagiblih-zahisnikiv-yak-otrimati-dopomogu
Title: У Києві виплачують кошти сім'ям загиблих захисників: як отримати допомогу

Search URL Search Domain Scan URL

URL: https://kyivschina24.com/news/vidnovyty-zrujnovane-u-buchi-pochaly-rekonstrukcziyu-bagatopoverhivky/
Title:  Відновити зруйноване: у Бучі почали реконструкцію багатоповерхівки

Search URL Search Domain Scan URL

URL: https://meta.ua/uk/news/society/85382-navchannya-u-shkolah-stolitsi-trivatime-z-1-veresnya-po-31-travnya-kmda/
Title: Навчання у школах столиці триватиме з 1 вересня по 31 травня — КМДА

Search URL Search Domain Scan URL

URL: https://bigkyiv.com.ua/stolychni-policzejski-vkotre-staly-donoramy-krovi/
Title: Столичні поліцейські вкотре стали донорами крові

Search URL Search Domain Scan URL

URL: https://mykyivregion.com.ua/news/na-kiyivshhini-vikrili-sxemu-nezakonnogo-znyattya-z-viiskovogo-obliku
Title: На Київщині викрили схему незаконного зняття з військового обліку

Search URL Search Domain Scan URL

URL: https://dw.com/p/4VSbM?maca=ukr-rss-ukrnet-ukr-all-3816-xml
Title: Маск оголосив чергові зміни на платформі X

Search URL Search Domain Scan URL

URL: https://ilenta.com/uk/reviews/reviews_5800.html
Title: Огляд флагманського планшета Lenovo Tab P12 Pro

Search URL Search Domain Scan URL

URL: https://mediasat.info/uk/2023/08/22/4-google-sprostyt-perevedennya-esim-mizh-android-prystroyamy-yak-same/
Title: Google спростить переведення eSIM між Android-пристроями: як саме?

Search URL Search Domain Scan URL

URL: https://nnews.com.ua/u-mobilnomu-chrome-z-yavyvsya-shi-yakyj-perekazuye-dovgi-statti-ta-vydilyaye-sut.html
Title: У мобільному Chrome з’явився ШІ, який переказує довгі статті та виділяє суть

Search URL Search Domain Scan URL

URL: https://ukrayina.pl/ukrayina/7,183470,30106824,1041-1086-1088-1086-1090-1100-1073-1072-1079.html
Title: Боротьба з колаборантами: користувачі інтернету надіслали понад 6 мільйонів скарг для блокування пропагандистських ресурсів

Search URL Search Domain Scan URL

URL: https://internetua.com/u-yegipti-viyavili-misto-rimskoyi-dobi-yake-csudovo-zbereglos
Title: У Єгипті виявили місто римської доби, яке чудово збереглось

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/na-tenerife-viyavili-unikalnu-anomaliyu-shho-upovilnyuye-chas
Title: На Тенеріфе виявили унікальну аномалію, що уповільнює час

Search URL Search Domain Scan URL

URL: https://cikavosti.com/kysen-mig-zyavytysya-na-zemli-bez-globalnyh-potryasin-i-evolyucziyi/
Title: Кисень міг з’явитися на Землі без глобальних потрясінь і еволюції

Search URL Search Domain Scan URL

URL: https://portaltele.com.ua/news/nauka/vcheni-kazhut-shho-dumky-pro-boga-zmushuyut-lyudej-bilshe-doviryaty-rekomendatsiyam-shi.html
Title: Вчені кажуть, що думки про Бога змушують людей більше довіряти рекомендаціям ШІ

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/tehno-oboz/teleskop-nasa-pokazav-yaskravu-peredsmertnu-agoniyu-dalekoi-zirki-foto.htm
Title: Телескоп NASA показав яскраву передсмертну агонію далекої зірки. Фото

Search URL Search Domain Scan URL

URL: https://www.autocentre.ua/ua/news/nazvany-samye-populyarnye-poderzhannye-avtomobili-iz-ssha-1459373.html
Title: Названі найпопулярніші вживані автомобілі із США

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/70-richnij-znishhenij-ferrari-pustili-z-molotka-za-2-miljoni-dolariv
Title: 70-річний знищений Ferrari пустили з молотка за 2 мільйони доларів

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/news/latviya-peredast-ukrayini-38-avtomobiliv-1692726037.html
Title: Латвія передасть Україні 38 автомобілів, які конфіскувала у п'яних водіїв

Search URL Search Domain Scan URL

URL: https://dw.com/p/4VSa5?maca=ukr-rss-ukrnet-ukr-all-3816-xml
Title: Україна і Польща створять спільний пункт пропуску на кордоні - Шмигаль

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/avto-oboz/nedorogij-premium-u-kitai-stvorili-rozkishnij-avtomobil-za-privablivoyu-tsinoyu.htm
Title: Недорогий преміум: у Китаї створили розкішний автомобіль за привабливою ціною

Search URL Search Domain Scan URL

URL: https://www.ua-football.com/ua/foreign/england/1692726669-mak-allister-unikne-diskvalifikaciyi-futbolna-federaciya-pomyakshila-zapobizhniy-zahid.html?utm_source=ukrnet&utm_medium=cpc&utm_campaign=uanewsukrnet
Title: Мак Аллістер уникне дискваліфікації. Футбольна федерація пом'якшила запобіжний захід

Search URL Search Domain Scan URL

URL: http://sport.ua/uk/news/638760-sergiy-kovalets-prognozuyu-potraplyannya-dinamo-v-ligu-konferentsiy
Title: Сергій КОВАЛЕЦЬ: «Прогнозую потрапляння Динамо в Лігу конференцій»

Search URL Search Domain Scan URL

URL: https://ua.tribuna.com/uk/football/1000000089899-rukovoditeli-saudovskoj-ligi-ne-xotyat-chtoby-kluby-podp/
Title: Керівники саудівської ліги не хочуть, щоб клуби підписували Грінвуда – вони побоюються шкоди репутації

Search URL Search Domain Scan URL

URL: https://betauth.com/news/1804-soglasovan-transfer-chempiona-mira-mezhdu-bavariey-i-interom.html
Title: Узгоджено трансфер чемпіона світу між Баварією та Інтером

Search URL Search Domain Scan URL

URL: https://btu.org.ua/ua/news/ukrainskiy-tennis/46232-pryama-translyaciya-dayana-yastremska-hezer-votson-us-open-kvalifikaciya.html
Title: Пряма трансляція: Даяна Ястремська - Гезер Вотсон. US Open. Кваліфікація

Search URL Search Domain Scan URL

URL: https://lady.kyiv.ua/zdorov-ya/znajdeno-prirodnu-rechovinu-yaka-vidnovlyuye-mozok-pislya-insultu/
Title: Знайдено природну речовину, яка відновлює мозок після інсульту

Search URL Search Domain Scan URL

URL: http://zdorovia.com.ua/likar/62134pogana-gigiena-rotovoi-porozhnini-povyazana-rozvitkom-diabetu.html
Title: Погана гігієна ротової порожнини пов'язана розвитком діабету

Search URL Search Domain Scan URL

URL: https://mysugar.media/aktual-no/6-oznak-ghormonal-nogho-disbalansu-10320159.html
Title: 6 ознак гормонального дисбалансу

Search URL Search Domain Scan URL

URL: https://glamour.kyiv.ua/pilates/7-problem-z-volossyam-yaki-mozhut-govoriti-pro-porushennya-v-organizmi/
Title: 7 проблем з волоссям, які можуть говорити про порушення в організмі

Search URL Search Domain Scan URL

URL: https://womanlife.kyiv.ua/zdorovya/krashhij-napij-dlya-priskorennya-obminu-rechovin-nazvala-diyetolog/
Title: Кращий напій для прискорення обміну речовин назвала дієтолог

Search URL Search Domain Scan URL

URL: https://noviydoctor.com/shou-biznes/novini/40852-bagato-vsogo-vid-nerviv-dasha-astaf-eva-ziznalasya-chomu-v-nei-dosi-nemae-ditei-v-38-rokiv?utm_source=ukr.net
Title: Даша Астафʼєва відверто розповіла, чому в неї досі немає дітей

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/vagitna-spivachka-luna-rozsekretila-stat-majbutno%d1%97-ditini
Title: Вагітна співачка Луна розсекретила стать майбутньої дитини

Search URL Search Domain Scan URL

URL: http://storinka.com.ua/ukr/2023/08/dostigaut-serdca-pat-samyh-izvestnyh-pesen-toto-kutuno-video/
Title: "Досягають серця": п'ять найвідоміших пісень Тото Кутуньо (відео)

Search URL Search Domain Scan URL

URL: https://hochu.ua/ukr/cat-stars/novosti-shou-biznesa/article-121348-dumal-na-svadbu-priglashaete-sergey-zhadan-i-kristina-soloviy-vzbudorazhili-set-sovmestnyim-video/
Title: "Думав, на весілля запрошуєте": Сергій Жадан та Христина Соловій розбурхали мережу спільним відео

Search URL Search Domain Scan URL

URL: https://novyny.live/shou-biznes/sin-dashi-kvitkovoyi-ta-nikiti-dobrinina-potrapiv-do-likarni-114309.html
Title: Син Даші Квіткової та Нікіти Добриніна потрапив до лікарні

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/zagroza-dlya-izra%d1%97lyu-ta-ssha-iran-predstaviv-novij-udarnij-dron-mohajer-10
Title: Загроза для Ізраїлю та США. Іран представив новий ударний дрон Mohajer-10

Search URL Search Domain Scan URL

URL: https://charter97.org/ru/news/2023/8/22/560788/
Title: Американка вводила одни и те же числа в течение 20 лет и выиграла $200 тысяч

Search URL Search Domain Scan URL

URL: https://progroshi.news/news/avto/u-krajini-agresori-lyudi-masovo-skarzhatsya-na-porozhni-avtozapravki-shcho-vidbuvayetsya-9200.html
Title: У країні-агресорі люди масово скаржаться на порожні автозаправки – що відбувається

Search URL Search Domain Scan URL

URL: https://newssky.com.ua/ssha-prodadut-polshhi-96-udarnyh-gelikopteriv-apache/
Title: США продадуть Польщі 96 ударних гелікоптерів Apache

Search URL Search Domain Scan URL

URL: https://internetua.com/polsxa-pidtverdjuye-peremisxennya-yadernoyi-zbroyi-rf-do-bilorusi
Title: Польща підтверджує переміщення ядерної зброї РФ до Білорусі

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/zalishivsya-u-las-vegasi-bez-gospodini-u-goteli-kazino-znajshli-kota-vin-stav-geroyem-tiktok
Title: Залишився у Лас-Вегасі без господині: у готелі-казино знайшли кота — він став героєм TikTok

Search URL Search Domain Scan URL

URL: https://zhenskiy.kyiv.ua/lifestyle/tse-zh-yak-treba-nenaviditi-lyudej-shhob-stati-dantistom-veseli-zharti-pro-stomatologiv-foto/
Title: Це ж як треба ненавидіти людей, щоб стати дантистом: веселі жарти про стоматологів (ФОТО)

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/lifestyle/587490-u-tiktok-zapustili-novij-chelendzh-rozbij-yajce-ob-golovu-svoyeyi-ditini-video
Title: У TikTok запустили новий челендж: "Розбий яйце об голову своєї дитини" (відео)

Search URL Search Domain Scan URL

URL: https://enovosty.com/uk/news-ukr/news_politics-ukr/full/2208-zovsim-poganij-stav-putin-vkotre-osoromivsya-pereplutavshi-livu-ruku-z-pravoyu
Title: Зовсім поганий став: Путін вкотре осоромився, переплутавши ліву руку з правою

Search URL Search Domain Scan URL

URL: https://internetua.com/britanec-zirvav-u-lotereyi-kush-pislya-togo-yak-pomolivsya-meteliku-
Title: Британець зірвав у лотереї «куш» після того, як «помолився метелику»

Search URL Search Domain Scan URL

URL: https://bukvy.org/u-ternopoli-vidkryly-vystavku-kartyn-namalovanyh-poranenymy-vijskovymy-foto/
Title: У Тернополі відкрили виставку картин, намальованих пораненими військовими (Фото)

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/pleminnicya-dzhona-kennedi-vijshla-zamizh-za-pakistanskogo-biznesmena-foto
Title: Племінниця Джона Кеннеді вийшла заміж за пакистанського бізнесмена (ФОТО)

Search URL Search Domain Scan URL

URL: https://enovosty.com/uk/news-ukr/news-culture-ukr/full/2208-kiivski-mitniki-viluchili-z-posilki-ridkisni-bronzovi-artefakti-kiivskoi-rusi
Title: Київські митники вилучили з посилки рідкісні бронзові артефакти Київської Русі

Search URL Search Domain Scan URL

URL: https://armyinform.com.ua/2023/08/22/u-stolyczi-vidkrylasya-fotovystavka-zahysnyky-nezalezhnosti/
Title: У столиці відкрилася фотовиставка «Захисники Незалежності»

Search URL Search Domain Scan URL

URL: https://telegraf.com.ua/ukr/ukraina/2023-08-22/5805354-mistse-dovgoochikuvanikh-zustrichey-ta-zvorushlivikh-proshchan-shcho-vidbuvaetsya-na-vokzali-u-kramatorsku-eksklyuzivni-foto?traffic_source=ukr.net
Title: Місце довгоочікуваних зустрічей та зворушливих прощань: що відбувається на вокзалі у Краматорську (ексклюзивні фото)

Search URL Search Domain Scan URL

URL: https://kriminal.tv/news/na_harkivschini_68_richna_zhinka_sama_povnistju_rozibrala_avtivku_cholovika_abi_shovati_vid_okupantiv_i_peredati_zsu_video.html
Title: На Харківщині 68-річна жінка сама повністю розібрала автівку чоловіка, аби сховати від окупантів і передати ЗСУ - відео

Search URL Search Domain Scan URL

URL: https://censor.net/ua/video_news/3439057/u_byelgorodi_vikna_pershyh_poverhiv_shkoly_zakryvayut_mishkamy_z_piskom_video
Title: У Бєлгороді вікна перших поверхів школи закривають мішками з піском. ВIДЕО

Search URL Search Domain Scan URL

URL: https://bukvy.org/reper-drejk-podaruvav-pryhylnyczi-sumku-hermes-birkin-vartistyu-35-tysyach/
Title: Репер Дрейк подарував прихильниці сумку Hermes Birkin вартістю $35 тисяч

Search URL Search Domain Scan URL

URL: https://internetua.com/u-mereji-z-yavilosya-video-yak-nibito-pracivnik-tck-pistoletom-pogrojuvav-kiyaninu-komentar-policiyi
Title: У Мережі з'явилося відео, як нібито працівник ТЦК пістолетом погрожував киянину: коментар поліції

Search URL Search Domain Scan URL

URL: https://v-variant.com.ua/u-zsu-pokazaly-iak-u-serebrianskomu-lisi-pratsiuiut-po-rosiianakh-z-sph-video/
Title: У ЗСУ показали, як у Серебрянському лісі працюють по росіянах з СПГ (відео)

Search URL Search Domain Scan URL

URL: https://internetua.com/yak-skazati-ukrayinskoua-holostyak-garna-zamina
Title: Як сказати українською "холостяк": гарна заміна

Search URL Search Domain Scan URL

URL: https://ua-novosti.info/zdorovye/top-pravila-yak-trimati-sebe-u-formi-i-viglyadati-na-vsi-100.html
Title: ТОП-правила, як тримати себе у формі і виглядати на всі 100

Search URL Search Domain Scan URL

URL: https://beautytips.kyiv.ua/novini/sekreti-makiyazhu-yaki-dopomozhut-zrobiti-zubi-bilishimi/
Title: Секрети макіяжу, які допоможуть зробити зуби білішими

Search URL Search Domain Scan URL

URL: https://useti.org.ua/lifestyle/tri-znaki-zodiaku-mayut-zosereditisya-na-kohanni-goroskop-do-kintsya-lita/
Title: Три знаки зодіаку мають зосередитися на коханні: Гороскоп до кінця літа

Search URL Search Domain Scan URL

URL: https://life-ukr.uaportal.com/section-lifestyle/news-tri-znaka-zodiaka-postoyanno-ubegayut-ot-otvetstvennosti-na-nih-nelzya-polozhitsya-22-08-2023.html
Title: Три знаки зодіаку постійно тікають від відповідальності: на них не можна покластися

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/dlya-sercya-i-proti-insultu-prostij-chaj-viyavivsya-odnim-z-najbilsh-korisnix-2
Title: Для серця і проти інсульту: простий чай виявився одним з найбільш корисних

Search URL Search Domain Scan URL

URL: https://novyny.live/yizha/aromatni-ogirki-na-zimu-z-chasnikom-ta-girchitseiu-za-babusinim-retseptom-114177.html
Title: Ароматні огірки на зиму з часником та гірчицею за бабусиним рецептом

Search URL Search Domain Scan URL

URL: https://food.obozrevatel.com/news/rogaliki-s-makom-kak-prigotovit-aromatnuyu-i-hrustyaschuyu-vyipechku-za-30-minut.htm?lang=ua
Title: Рогалики з маком: як приготувати ароматну та хрумку випічку за 30 хвилин

Search URL Search Domain Scan URL

URL: https://pixelinform.com/food/shho-prygotuvaty-z-baklazhaniv-reczept-gruzynskoyi-zakusky-z-gorihamy/
Title: Що приготувати з баклажанів: рецепт грузинської закуски з горіхами

Search URL Search Domain Scan URL

URL: https://recepty.znaj.ua/464603-recept-smachnogo-ta-aromatnogo-marinadu-dlya-gribiv-deshevo-ta-serdito
Title: Рецепт смачного та ароматного маринаду для грибів: дешево та сердито

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpd&utm_campaign=banner_shiny-diski_brendirovanie-toplivo&utm_content=120-77

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aries/today.html
Title: Овен

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/taurus/today.html
Title: Телець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/gemini/today.html
Title: Близнюки

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/cancer/today.html
Title: Рак

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/lion/today.html
Title: Лев

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/virgo/today.html
Title: Дiва

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/libra/today.html
Title: Терези

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/scorpio/today.html
Title: Скорпiон

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/sagittarius/today.html
Title: Стрiлець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/capricorn/today.html
Title: Козоріг

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aquarius/today.html
Title: Водолій

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/pisces/today.html
Title: Риби

Search URL Search Domain Scan URL

URL: http://orakul.com/sonnik/
Title: Сонник

Search URL Search Domain Scan URL

URL: http://orakul.com/imena/
Title: Тлумачення імен

Search URL Search Domain Scan URL

URL: http://orakul.com/taro/
Title: Таро

Search URL Search Domain Scan URL

URL: https://shinadiski.com.ua/
Title: Шини для авто та диски

Search URL Search Domain Scan URL

URL: https://www.zapchast.com.ua/
Title: Автозапчастини

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=link_shiny-diski_ssylka-na-glavnoy&utm_content=text
Title: Авторезина та диски

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/
Title: Купити нове авто

Search URL Search Domain Scan URL

URL: https://autoshini.com/?utm_source=ukr.net
Title: Шини та диски

Search URL Search Domain Scan URL

URL: http://transshina.com.ua/
Title: Автошини та диски

Search URL Search Domain Scan URL

URL: https://ukrguma.com.ua/poroshkove-farbuvannya/
Title: Фарбування дисків

Search URL Search Domain Scan URL

URL: http://kiaparts.com.ua/
Title: Запчаст. Kia, Hyundai

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_liberti-967/
Title: Інфініті ВІДІ Ліберті

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_insite-1120/
Title: CR-V Hybrid в наявності

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Toyota_center_odessa_vidi_palmira-1038/#Id=7316;event=news;_page=news_item;tab=news_tab;ajax=1
Title: Toyota з вигодою до -5%

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_armada-993/
Title: Ніссан ВІДІ Армада

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_avtostrada-961/
Title: Corolla в наявності

Search URL Search Domain Scan URL

URL: https://www.optics-pro.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=optica
Title: Оптика для полювання

Search URL Search Domain Scan URL

URL: https://ukroptica.com.ua/
Title: Тепловізори і оптика

Search URL Search Domain Scan URL

URL: https://www.aks.ua/uk/
Title: Мобільні аксесуари

Search URL Search Domain Scan URL

URL: https://sotnyk.net/ua/teplovizory/
Title: Військові тепловізори

Search URL Search Domain Scan URL

URL: https://helplist.io/
Title: Об'єднання волонтерів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/687761881312683
Title: Свалявський рух опору

Search URL Search Domain Scan URL

URL: https://dovidka.info/
Title: Dovidka.info

Search URL Search Domain Scan URL

URL: https://savelife.in.ua/donate/
Title: Підтримка армії

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/create?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_host&utm_id=ukrnet
Title: Житло біженцям

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/about/support-the-armed-forces
Title: Допомога ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/president.gov.ua
Title: Офіс Президента

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KabminUA
Title: Кабінет Міністрів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mvs.gov.ua
Title: Мін. внутрішніх справ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MNS.GOV.UA
Title: ДСНС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TerritorialDefenseForces
Title: ТерО ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUStratCom
Title: СтратКом ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dsszzi
Title: Держспецзвʼязок

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUkraine
Title: ЗС України

Search URL Search Domain Scan URL

URL: https://sprotyv.mod.gov.ua/
Title: Центр нац. спротиву

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeneralStaff.ua
Title: Ген штаб ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MinistryofDefence.UA
Title: Міністерство оборони

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UA.National.Police
Title: Національна поліція

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DPSUkraine
Title: ДПС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NGUmainpage
Title: Нацгвардія України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StratcomCentreUA
Title: Центр інф. безпеки

Search URL Search Domain Scan URL

URL: https://www.facebook.com/navy.mil.gov.ua
Title: ВМС ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CinCAFU
Title: Головнокомандувач

Search URL Search Domain Scan URL

URL: https://klubnatura.pl/pages/solidarni-z-ukraina
Title: Допомога в Польщі

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/03/11/247770/
Title: Пошук житла

Search URL Search Domain Scan URL

URL: https://www.immobilienscout24.de/lp/hilfe-fuer-die-ukraine.html
Title: Житло в Німеччині

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/
Title: Прихисток для біженців

Search URL Search Domain Scan URL

URL: https://chytomo.com/dlia-kulturnykh-diiachiv-i-osvitian-dopomoha-i-pratsevlashtuvannia-za-kordonom/
Title: Працевлаштування за кордоном

Search URL Search Domain Scan URL

URL: https://zib.com.ua/ua/151001-timchasoviy_zahist_na_kipri_mozhlivosti_dlya_ukrainciv.html
Title: Допомога на Кіпрі

Search URL Search Domain Scan URL

URL: https://www.bamf.de/DE/Themen/AsylFluechtlingsschutz/ResettlementRelocation/InformationenEinreiseUkraine/informationen-einreise-ukraine-node.html
Title: Допомога в Німеччині

Search URL Search Domain Scan URL

URL: https://www.ukrainetakeshelter.com/
Title: Розміщення біженців

Search URL Search Domain Scan URL

URL: https://www.facebook.com/752118234860641/posts/7149925781746489/?d=n
Title: Сайти допомоги

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_guest&utm_id=ukrnet
Title: Безкоштовне житло в Україні

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/culture/puteshestviya/kijiv-vilnyus-shcho-maye-znati-kozhen-ukrajinskiy-bizhenec.html
Title: Допомога у Вільнюсі

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/bizhenci-z-ukrajini-do-latviji-yak-i-de-peretnuti-kordon-otrimati-dopomogu-robotu-ta-de-zhiti-50228296.html
Title: Допомога у Латвії

Search URL Search Domain Scan URL

URL: https://t.me/miUkraune
Title: Міністерство інфраструктури України

Search URL Search Domain Scan URL

URL: https://t.me/uksatse_official
Title: Украерорух

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uspa.gov.ua
Title: Адміністрація морських портів України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DSBT.UA
Title: Державна служба України з безпеки на транспорті (ДСБТ)

Search URL Search Domain Scan URL

URL: https://t.me/UkrzalInfo
Title: Укрзалізниця

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airportboryspil/
Title: Міжнародний аеропорт “Бориспіль”

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lvivinternationalairport/
Title: Міжнародний аеропорт “Львів”

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_5_1.pdf
Title: ФОП 3-ї групи ЄП-5%

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_2_1.pdf
Title: ФОП 3-ї групи ЄП 2%

Search URL Search Domain Scan URL

URL: https://trafmag.com/

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NzI2fDEzODcyfDIxNy4xMTQuMjE4LjI1fDcyODEyMzAwfDE2OTI3MjgzNTJ8M2Y0MWQyMzU2NmU3NDdlNWEyMDc5NzA5Yzk2YzM0NzZ8MzMz&vid=2182547797805146

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NzI2fDEzODcyfDIxNy4xMTQuMjE4LjI1fDcyODEyMjk3fDE2OTI3MjgzNTJ8NWE0OWNjNjM3Zjc4ZDkzODI4ZDYwOWM1ZjkxOTE1MmJ8MzMz&vid=2182547797805146

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NzI2fDEzODcyfDIxNy4xMTQuMjE4LjI1fDU4MTU5NjYyfDE2OTI3MjgzNTJ8ODNmZTY2Y2Y3NTVlMGUyYzZjOGRlYjMyNjc2NjhjNDl8MzMz&vid=2182547797805146&pstcnt=4_0
Title: от 253 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NzI2fDEzODcyfDIxNy4xMTQuMjE4LjI1fDcyODEyMjk1fDE2OTI3MjgzNTJ8NTBmNDI4MWUzNWM0OTIyN2RmNWM2Njc5MWY2M2U5MDR8MzMz&vid=2182547797805146

Search URL Search Domain Scan URL

URL: https://mgid.com/

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16986961/i/57452893/0/pp/1/1?h=dlrulNmV4mGhTJJsKsDPkRdVfQW6IoBL23WNzVggov6PCjxlYu96S7aDY-1j5durwrFYAsvZPYrwwO05Jc6wuA**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16988916/i/57452893/0/pp/2/1?h=dlrulNmV4mGhTJJsKsDPkUJkJ4tVv_jMMgUJtBhgK9L0NbeMreARUi3wPCg8z7hyfLGkAX7Rs61Dyh230nLISg**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15323147/i/57452893/0/pp/3/1?h=dlrulNmV4mGhTJJsKsDPkZMgBbKKAU8c8kTZhHJkZQH5FnMb7ZfHyKPDX1t3fkZiyJ8I780huiTfqxVhFetR5A**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16988911/i/57452893/0/pp/4/1?h=dlrulNmV4mGhTJJsKsDPkQux5a-oe7-lRrrhWafZMBjMmpOJqH-V5zrlv-zLxgFe9ogTR1OpfXqUP1Wk1M5rHA**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16984742/i/57452893/0/pp/5/1?h=dlrulNmV4mGhTJJsKsDPkUWEK8OxcyOZ51jCh1RS0VlrEFofoVQbIVPzWiUWg5DGAb0jZ69fGMfPm-VMX_qWbQ**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16572262/i/57452893/0/pp/6/1?h=dlrulNmV4mGhTJJsKsDPkZSSsQuksBg3ybrFUZUr2hyn88feDBV_TprA3tbq7gAxVqPb7JwLrdI-xe-lFnTXqg**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17018910/i/57452893/0/pp/7/1?h=dlrulNmV4mGhTJJsKsDPkfs_i7ZT6iocsaUpC1GtLsftxcuWklaUWP455jFIW26f39A_tJRhqFQM4Nfa4PtPwA**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16067134/i/57452893/0/pp/8/1?h=dlrulNmV4mGhTJJsKsDPkYzBvjzhpbq0_0qARZuwMD3JGc2NmMnhKN1YS6P4bzkmB1jtoA9gPuyGkuUsTuRM0A**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16829240/i/57452893/0/pp/9/1?h=dlrulNmV4mGhTJJsKsDPkUb68FL60wCkZqGNIbu4lxxl04VjCGtNC50vv8ORLOWv0mheahowBh6ij_xSd4Qsnw**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16484518/i/57452893/0/pp/10/1?h=dlrulNmV4mGhTJJsKsDPkYcX-9uT9kj-HodoWF5MPi2Szh9IGuwlGUIaIFvRu0Qq8Dynycz3_tHsDNtCZ__EvA**&rid=65266fb1-4118-11ee-a2e4-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: http://adline.kiev.ua/
Title: Реклама на порталі

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/password_recovery
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/reg
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://zakladki.ukr.net/index.php?action=export
Title: Скачати

Search URL Search Domain Scan URL

URL: http://zakladki.ukr.net/
Title: +ukr.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://mail.ukr.net/widget?lang=uk&theme=default HTTP 303
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Request Chain 84

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=RmRk_HxvdjRQSlBmdUd1dUxHc3ZHSXRadlFUclJESW1EYzhiY1ZXS0l4Smo5TXJuRHJ6YWI4WWhMa3A1VitCZW5aZlRKUFpNTnFuZzZKcnpqeWRHYkNaNXVaSTg0MmxJMlE1aVNiWnJFUC9qaXE0c3pCNGZSU0lESkx6VjZlMUNiUTJMREZhNHhod0VmUExCdVpYclNaTjU2V2FKUXZXV1V4RGoxaHl6QkZ6S295UEFxWkFFTW02RVFmS0Noa1N4VldDQkdhQjF2dXd6VHBXb0srVXJvczVrWGd6UjhYZVN5YS9ObHk4M3ZwTDJQbkNodGpNNGkwWDlFSmphVTM2eTFOc3NpbzFvMzI5Q0k3dDQ4TjZBOXFENmNxZz09fA&cppv=2

Request Chain 91

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6ee3b7d8e70fe77d

Request Chain 93

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=639f4b67-da6e-4fd2-a0a2-5cc50c89c65c

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXEfwDdvi4Lu7NtNa068u4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXEfwDdvi4Lu7NtNa068u4&google_cver=1&C=1

Request Chain 159

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOT8IuSg9T63Wog97zaLRgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELRAMHOkCB90NXC5mfNMHsg&google_cver=1

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG334QmQS6jRGJW9Ls1Pk88&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG334QmQS6jRGJW9Ls1Pk88%26google_cver%3D1

Request Chain 161

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3MTA3MTk3ODEwMjMwNTQ5NQ%3D%3D

Request Chain 173

https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxS7IfzkZMXmONjngAfQtLnoBKblvaBprZWcp8kP8C4QASCI2bOYAWCV8v2BlAfIAQmpAuSln-wSM7I-qAMByAObBKoEhgJP0BoZfRcrUJ34HE-YwB5v9UyQbozJgZ7-ScgPJ1lBz6-KV09GW9w3vFpXFAv-FY0Uy5M6vV0AZsxkWapQp-b2PEUL2aDKivZU797lPKvBSLAO27r_G7BcUAq3avpdEu1iQnRCss0CIlVZdgLK5lGYAKn8bToWmTFX3zTWxoIMDQOSTyODU8ugvZzuqX_nk-8hDgVhnq7vMGONTZvXX4cc-dnamCheua1zjn9ycgZ6JzGzX9rBMCXDcbCX5rHqTSYZr44h16GURMojr4aai55FsHcT5d1Z9MU0Zil5-B_9SI8De1vteu-NOEM0oda_h4Jb2127Fr_eTel-xDO9hnSDkHD0OeQ4wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhfvywfDwgAMV2DPgCh1QWg5NEAEYASAAEgJE3vD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB%26sig%3DAOD64_1rfhrAztMq_kTAV0hJYw3N07BrBQ%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-Cxw-4IyPda_a1qndvyOFeJ-UuS9K1-wIGNILbJ-N5vZ6GcTrbvD-YnB-df7F-ZBmpjb1tKbWeqVm7CWe-Z6bwGPdXoyuiNrGaGK8h8WxO3moyMtElamPLyCVKGSHyNhhxyac7NBRG-kkwi5oIhHSrK22XU7uHTbrj_QVqpzNnzVUWe9hk%26cry%3D1%26dbm_d%3DAKAmf-AZe4niW7vCA2epc-523_a7qAqI5zj_8cHRDS1Kzx4_0NW9bY578BG0eKCJc3mr8j1A2T1OHJSIvbttTczMq2Jc6QHMxiwYdoqifisU3kl8Wqfr0BFvOkgCeANcUyhySghzj0tYmCJFSEtrZCB2zyo1F7Cb44GAQ1Vey8eIoCPQNTGN8dMkF5_n3SYV_KlkyEPTjuKSDfG9PJo1Tt72KxFgTr2FQWxdnIFYqrGJ6_olhgQWDfv8iPldOfccdid2r5lS1qdeg9CwkgPWqvhdRcKddy0OGal-92fv6IR1b-HlTwPrNBn8bLXYr_1uzLvmtzxtmu30fGMXmcudlO5FsKUY8a-igqkXIht-yIZy5dX7iKJfb4H2aCOqWggq0xyM5zARIG3HrOv4d5EKfqUT1rxbeCZc2EQHbkSLUMdFCnGvpqrne4aJXXaik3JrEPwugdBHSZH7aIPWS_9r4raAYaxl6zWatzsdGnsDPa_i-oS58DmsCFU18ue2B1am1rNGFwjm4JxzA0F2u7d7tRh58QrhV-2wc2UE_l-Da538qNb8JybwcjM%26adurl%3D&documentReferer=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=1224832040223&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxS7IfzkZMXmONjngAfQtLnoBKblvaBprZWcp8kP8C4QASCI2bOYAWCV8v2BlAfIAQmpAuSln-wSM7I-qAMByAObBKoEhgJP0BoZfRcrUJ34HE-YwB5v9UyQbozJgZ7-ScgPJ1lBz6-KV09GW9w3vFpXFAv-FY0Uy5M6vV0AZsxkWapQp-b2PEUL2aDKivZU797lPKvBSLAO27r_G7BcUAq3avpdEu1iQnRCss0CIlVZdgLK5lGYAKn8bToWmTFX3zTWxoIMDQOSTyODU8ugvZzuqX_nk-8hDgVhnq7vMGONTZvXX4cc-dnamCheua1zjn9ycgZ6JzGzX9rBMCXDcbCX5rHqTSYZr44h16GURMojr4aai55FsHcT5d1Z9MU0Zil5-B_9SI8De1vteu-NOEM0oda_h4Jb2127Fr_eTel-xDO9hnSDkHD0OeQ4wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhfvywfDwgAMV2DPgCh1QWg5NEAEYASAAEgJE3vD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB%26sig%3DAOD64_1rfhrAztMq_kTAV0hJYw3N07BrBQ%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-Cxw-4IyPda_a1qndvyOFeJ-UuS9K1-wIGNILbJ-N5vZ6GcTrbvD-YnB-df7F-ZBmpjb1tKbWeqVm7CWe-Z6bwGPdXoyuiNrGaGK8h8WxO3moyMtElamPLyCVKGSHyNhhxyac7NBRG-kkwi5oIhHSrK22XU7uHTbrj_QVqpzNnzVUWe9hk%26cry%3D1%26dbm_d%3DAKAmf-AZe4niW7vCA2epc-523_a7qAqI5zj_8cHRDS1Kzx4_0NW9bY578BG0eKCJc3mr8j1A2T1OHJSIvbttTczMq2Jc6QHMxiwYdoqifisU3kl8Wqfr0BFvOkgCeANcUyhySghzj0tYmCJFSEtrZCB2zyo1F7Cb44GAQ1Vey8eIoCPQNTGN8dMkF5_n3SYV_KlkyEPTjuKSDfG9PJo1Tt72KxFgTr2FQWxdnIFYqrGJ6_olhgQWDfv8iPldOfccdid2r5lS1qdeg9CwkgPWqvhdRcKddy0OGal-92fv6IR1b-HlTwPrNBn8bLXYr_1uzLvmtzxtmu30fGMXmcudlO5FsKUY8a-igqkXIht-yIZy5dX7iKJfb4H2aCOqWggq0xyM5zARIG3HrOv4d5EKfqUT1rxbeCZc2EQHbkSLUMdFCnGvpqrne4aJXXaik3JrEPwugdBHSZH7aIPWS_9r4raAYaxl6zWatzsdGnsDPa_i-oS58DmsCFU18ue2B1am1rNGFwjm4JxzA0F2u7d7tRh58QrhV-2wc2UE_l-Da538qNb8JybwcjM%26adurl%3D&documentReferer=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=1224832040223&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 178

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=30438500092764904444554012424021&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 179

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=30438500092764904444554012424021&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4fc24e7656cda16a8cdaf&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 181

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=30438500092764904444554012424021&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 187

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312

196 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ukr.net/
Redirect Chain

http://ukr.net/
https://ukr.net/
https://www.ukr.net/

159 KB
42 KB

77ms
42ms

Document
text/html

104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d327407c591996f802b9ee276e7210ba775021b47cd6bdcd1882afa57c7e2207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-cache-status: DYNAMIC
cf-ray: 7fad1f6a2a6203b0-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 22 Aug 2023 18:19:12 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7fad1f68dffc03b0-FRA
content-type: text/html
date: Tue, 22 Aug 2023 18:19:12 GMT
location: https://www.ukr.net/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 top_links.css
upst.fwdcdn.com/css/1692357341/ 1 KB
756 B 114ms
29ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 370899
etag: W/"64df52f2-48c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
cf-ray: 7fad1f6afcc82bd2-FRA
expires: Wed, 21 Aug 2024 18:19:12 GMT

GET
H2 200 /
upst.fwdcdn.com/css/ 4 KB
2 KB 121ms
37ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
cf-ray: 7fad1f6afcca2bd2-FRA
expires: Wed, 21 Aug 2024 18:19:12 GMT

GET
H2 200 main.css
upst.fwdcdn.com/css/6/portal/ 44 KB
8 KB 114ms
30ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/6/portal/main.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 12:31:02 GMT
server: cloudflare
age: 6500805
etag: "6481ca06-204a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fad1f6afccb2bd2-FRA
content-length: 8266
expires: Wed, 21 Aug 2024 18:19:12 GMT

GET
H2 200 _desktop.js Show response
www.ukr.net/news/ 20 B
210 B 35ms
35ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/news/_desktop.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 17:13:43 GMT
server: cloudflare
age: 3929
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7fad1f6a6aeb03b0-FRA
x-xss-protection: 1; mode=block
expires: Tue, 22 Aug 2023 22:19:12 GMT

GET
H2 200 concat.js Show response
upst.fwdcdn.com/js/4/portal/ 167 KB
51 KB 122ms
38ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 May 2023 14:23:02 GMT
server: cloudflare
age: 7358064
etag: "6474b546-cc89"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fad1f6afccd2bd2-FRA
content-length: 52361
expires: Wed, 21 Aug 2024 18:19:12 GMT

GET
H2 200 main.js Show response
upst.fwdcdn.com/js/10/portal/ 61 KB
17 KB 115ms
31ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/10/portal/main.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Jun 2023 10:06:02 GMT
server: cloudflare
age: 4695116
etag: "649d578a-42fb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fad1f6afcce2bd2-FRA
content-length: 17147
expires: Wed, 21 Aug 2024 18:19:12 GMT

GET
H2 200 zakladki_v2.min.js Show response
zakladki.ukr.net/bookmarks/js/ 104 KB
19 KB 65ms
43ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 10:42:05 GMT
server: cloudflare
age: 480575
etag: W/"5f366a7d-19e00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7fad1f6b8d4b03b0-FRA
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 970x90.png
upst.fwdcdn.com/img/ 3 KB
3 KB 27ms
27ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/970x90.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 17444
etag: "6447ce22-cd3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6b7d9c2bd2-FRA
content-length: 3283
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 logo_ua22c22087822b7534a6e06b0ddf19d28d.gif
upst.fwdcdn.com/temp/holidays/12688/ 6 KB
6 KB 31ms
28ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12688/logo_ua22c22087822b7534a6e06b0ddf19d28d.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba54903c6c14debbc4b3282079ee637898b99d664bf7eb1b3ffc5fc916ea187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 17:23:00 GMT
server: cloudflare
age: 3340
etag: "64e4eef4-1951"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fad1f6b9dce2bd2-FRA
content-length: 6481
expires: Tue, 22 Aug 2023 22:19:12 GMT

GET
H2 200 title_img_ua22c22087822b7534a6e06b0ddf19d28d.gif
upst.fwdcdn.com/temp/holidays/12688/ 2 KB
2 KB 30ms
28ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12688/title_img_ua22c22087822b7534a6e06b0ddf19d28d.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9009a64c8c619cf51d6952908861b7539822617098ebbe556adb09824d46ba53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 17:23:00 GMT
server: cloudflare
age: 3340
etag: "64e4eef4-7a8"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fad1f6b9dd22bd2-FRA
content-length: 1960
expires: Tue, 22 Aug 2023 22:19:12 GMT

GET
H2 200 fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 4 KB
4 KB 31ms
29ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Oct 2014 14:11:04 GMT
server: cloudflare
age: 379246
etag: "542eae78-1134"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6b9dd42bd2-FRA
content-length: 4404
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 5 KB
5 KB 33ms
30ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Oct 2014 10:17:53 GMT
server: cloudflare
age: 378940
etag: "5437b251-134e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6b9dd52bd2-FRA
content-length: 4942
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 300x250.png
upst.fwdcdn.com/img/ 4 KB
4 KB 34ms
32ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x250.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 17439
etag: "6447ce22-e74"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6b9dd92bd2-FRA
content-length: 3700
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 300x145.png
upst.fwdcdn.com/img/ 3 KB
3 KB 32ms
29ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x145.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 546066
etag: "6447ce22-a9f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6b9dda2bd2-FRA
content-length: 2719
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 5 KB
5 KB 43ms
41ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 467657
etag: "51b860f4-140f"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6b9ddb2bd2-FRA
content-length: 5135
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
61 KB 88ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9f215c465b443fca19ef1a189ab91c09e6bc58f98da14307412f4be641245cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61774
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 18:19:12 GMT

GET
H2 200 email-decode.min.js Show response
www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 33ms
33ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 10:58:09 GMT
server: cloudflare
etag: W/"64ddfd41-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fad1f6b3c6a03b0-FRA
expires: Thu, 24 Aug 2023 18:19:12 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 117ms
69ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fad1f6bede2037c-FRA

GET
H2 200 hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/470202/ 920 B
1 KB 139ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/470202/hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 16:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158
etag: W/"64e4e2c1-398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqvRGRdK4XJ32wqmj9RfOsuV7qj0KmSyXEI76TtUe0ag5MnJ2zIe0mdd4%2FM3gRshPltyok%2FTYv%2B4C4UHPlsW0s6v4o%2BaRuD0I95hagwcMWJ1VV3fNJNRLcyQ0pvAqxnDyxccCGnlg7LB114ZuGvIVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7fad1f6c3f8d5c56-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 18:31:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 333ms
226ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

010593a55b66332784926e2b1f0dd5980b9a69c7be6230a3324fa3ea6579266c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29004
x-xss-protection: 0
server: cafe
etag: 752 / 19591 / m202308170101 / config-hash: 14107746840449967395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 18:19:12 GMT

GET
H2 200 wrapper_hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/470202/ 2 KB
1 KB 142ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/470202/wrapper_hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 035d30edea98b203c1932662ecbe98a50d3d0a02c1b2cfd7e92c201de2f025de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 16:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158
etag: W/"64e4e2c1-865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrKEaAuoXXpgUx%2Bh4ctwkQCezkCaDSMpfTXhaBPe6zWkX93VoHFeYm0EGVqtqtARJrz2DSIrP%2BLauVRIKfoFbp4bqNxUb6OzyYZ%2BsUWZI6NrDEdWB2Fp7MK9x8Ik7eDUPDdUO6PVpaV%2Ffv1H%2FJNjzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7fad1f6c3f905c56-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 18:31:33 GMT

GET
H2 200 test Show response
accounts.ukr.net/public/access/ 2 B
271 B 122ms
29ms XHR
text/plain 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/public/access/test?_=1692728352581
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
x-upstream: 4210.10.20.49:5080
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length: 2

GET
H2

200

https://mail.ukr.net/widget?lang=uk&theme=default
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

1 KB
1 KB

33ms
33ms

Document
text/html

212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

frvdc-253.fwdcdn.com

Software

nginx /

Resource Hash

1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://.ukr.net http://.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://.ukr.net; report-uri /csp-blocked
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://www.ukr.net/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 18:19:12 GMT
expires: Tue, 22 Aug 2023 18:19:11 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-frame-options: ALLOW-FROM https://www.ukr.net/
x-upstream: 4210.10.20.49:5080
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date: Tue, 22 Aug 2023 18:19:12 GMT
expires: Tue, 22 Aug 2023 18:19:11 GMT
location: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server: nginx

GET
H2 200 5ysrIfrF92 Show response
go.rcvlink.com/ifr/ Frame 7485 15 KB
7 KB 135ms
25ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 22 Aug 2023 18:19:12 GMT
etag: W/"63c6f377-3b12"
expires: Wed, 23 Aug 2023 18:19:12 GMT
last-modified: Tue, 17 Jan 2023 19:13:59 GMT
server: nginx

GET
H2 200 v2 Show response
a4p.adpartner.pro/jsunit/jsonp/ 1 KB
879 B 387ms
254ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery300029895259678586017_1692728352549&_=1692728352550
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 9ae166ffe2e543fb49ebe49baf86af4fd7f7a784948c161aeee194f676dbf6a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show_json/ukrnet/ 492 B
712 B 228ms
122ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery300029895259678586017_1692728352551&_=1692728352552

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

5e487c4b01663fa4b58bd6fef552014c05e883884fef4d463d926b1b7f57b0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=15768000, max-age=15768000
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
content-type: text/html; charset=utf-8

GET
H2 200 grey-pix.gif
upst.fwdcdn.com/img/ 53 B
133 B 32ms
31ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/grey-pix.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 379567
etag: "51b860f4-35"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6bee532bd2-FRA
content-length: 53
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 ukrnet2.js Show response
trafmag.com/ 3 KB
3 KB 113ms
31ms Script
application/json 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/ukrnet2.js?callback=jQuery300029895259678586017_1692728352553&_=1692728352554

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

1eaf087d451d017c328b92db63aa33f7f47a4b8255217b8bcc06258863a79616

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: application/json; charset=utf-8
date: Tue, 22 Aug 2023 18:19:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 1119189 Show response
servicer.mgid.com/ 8 KB
3 KB 119ms
66ms Script
application/json 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119189?callback=jQuery300029895259678586017_1692728352555&_=1692728352556
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b55be9e1814a6aaacd9b87ab713943b7343ea6e306d03c49bb21eef197fbb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7fad1f6c5b060859-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 addlink.gif
zakladki.ukr.net/bookmarks/img/ 2 KB
2 KB 40ms
39ms Image
image/gif 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zakladki.ukr.net/bookmarks/img/addlink.gif

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
last-modified: Tue, 20 Aug 2013 02:30:01 GMT
server: cloudflare
age: 139784
etag: "5212d4a9-6dc"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6c0e4703b0-FRA
content-length: 1756
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/c5/ 1 B
415 B 85ms
19ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/c5/cnt.php?rand=0.7162255932832946&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:12 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 22 Aug 2023 18:19:11 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/portal/ 314 B
704 B 85ms
20ms Script
application/octet-stream 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.5740523827985422&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7b4c23e55e92ff79c2cc5bf6ad9a3b584069c76465bdd85afdc5ac04ddac1d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 22 Aug 2023 18:19:11 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/lid/329/ 1 B
415 B 75ms
21ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/lid/329/cnt.php?rand=0.5494678807561402&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:12 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 22 Aug 2023 18:19:11 GMT

GET
H2 204 /
loadercdn.net/ 0
169 B 220ms
60ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?u=93edba4118b577ea&d=www.ukr.net
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Aug 2023 18:19:12 GMT
server: openresty

GET
H2 200 start.json Show response
www.ukr.net/ajax/ 43 KB
15 KB 41ms
40ms XHR
application/json 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/ajax/start.json

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f23a06e1360b0a1238169bc7e9c1498ac78efb2b3533870afec7190201c03b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7fad1f6c6f8703b0-FRA
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
85 KB 40ms
36ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8547e6427db74d12ff9d5468d6dcd6888d49133263625d33f48a98925f1adb96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 18:19:12 GMT

GET
H2 200 hbp_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 470 KB
149 KB 81ms
20ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/470202/hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: eaa7ae196a71041a9304a09513f49055d14dc5ec0c443ac6afb56ee59f9794b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 24 Aug 2023 18:19:12 GMT
date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 10:08:44 GMT
server: nginx
etag: W/"64dca02c-758e1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hbw_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/LHNRP/ 166 KB
44 KB 118ms
69ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/LHNRP/hbw_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/470202/wrapper_hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ad748494a20251ce4c2d1b7240959e8867ada475879d0a49bec3ca73e22b5f46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 24 Aug 2023 18:19:12 GMT
date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 16:30:57 GMT
server: nginx
etag: W/"64e4e2c1-299ce"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 1692728352752.html Show response
www.ukr.net/view/main/99335215,246,139,92,61,23,108,157,75,84,32,8,43,14,78,21,9,9,8,54,5,1,4,12,15,2,24,4,17,17,13,11,7,41,3,8,2,5,12,7,6,2,3,8,6,1,1,6,6,2,1,5,2,5,2,10,5,9,1,7,1,8,1,1,1,4,1,2,1,5... 0
84 B 35ms
33ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/view/main/99335215,246,139,92,61,23,108,157,75,84,32,8,43,14,78,21,9,9,8,54,5,1,4,12,15,2,24,4,17,17,13,11,7,41,3,8,2,5,12,7,6,2,3,8,6,1,1,6,6,2,1,5,2,5,2,10,5,9,1,7,1,8,1,1,1,4,1,2,1,5,1,7,6,1,1,1,5,1,3,2,1,11,1,4,3,2,5,2,3,26,6,1,15/1692728352752.html

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
etag: "51b860f4-0"
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/plain
accept-ranges: bytes
cf-ray: 7fad1f6cc82d03b0-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 top_links.png
upst.fwdcdn.com/img/1692357341/ 3 KB
3 KB 33ms
33ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1692357341/top_links.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/1692357341/top_links.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 370938
etag: "64df52f2-b6b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6cf8112bd2-FRA
content-length: 2923
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 395 B
351 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 284290
etag: W/"6076e064-18b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7fad1f6cf8132bd2-FRA
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 461 B
316 B 30ms
29ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 378359
etag: W/"6076e064-1cd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7fad1f6cf8152bd2-FRA
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 dot.svg
upst.fwdcdn.com/img/portal/main/ 650 B
505 B 29ms
28ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 379245
etag: "637656b5-18e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6cf8162bd2-FRA
content-length: 398
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 arrow.svg
upst.fwdcdn.com/img/portal/main/ 233 B
266 B 31ms
31ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 379245
etag: "637656b5-bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6d081f2bd2-FRA
content-length: 188
expires: Tue, 29 Aug 2023 18:19:12 GMT

GET
H2 200 pinformer4.php Show response
pinformer.sinoptik.ua/ Frame 8270 6 KB
2 KB 104ms
30ms Document
text/html 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: d019b68f4994adfdd0ab8b84f84494174be34adba1dd0b6cf407ac4173749662

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 22 Aug 2023 18:19:12 GMT
expires: Tue, 22 Aug 2023 18:24:12 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 7485 34 B
227 B 29ms
29ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: adc4165dea7f3a535d9fab477a0b1d80e45e416f2908d5399b28990c18c8481d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Aug 2023 18:19:12 GMT
cache-control: private, max-age=63115200
content-encoding: gzip
content-type: text/javascript;charset=utf-8
server: nginx
expires: Fri, 22 Aug 2025 09:19:12 +0300

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/portal/ 1 B
415 B 70ms
22ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.5740523827985422&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.5740523827985422&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:12 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 22 Aug 2023 18:19:11 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 80ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je38l0&_p=547795144&_gaz=1&cid=1379358869.1692728353&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692728352&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 85ms
27ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-75WQ2FHNW7&cid=1379358869.1692728353&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 109ms
58ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-75WQ2FHNW7&cid=1379358869.1692728353&gtm=45je38l0&aip=1&z=1793438768

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-blocked
accounts.ukr.net/ Frame 1406 2 B
99 B 33ms
32ms Other
text/html 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/csp-blocked
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/csp-report

Response headers

x-upstream: 42, 42127.0.0.1:8082
date: Tue, 22 Aug 2023 18:19:12 GMT
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 bundle.css
accounts.ukr.net/widget/login/css/ Frame 1406 11 KB
3 KB 33ms
33ms Stylesheet
text/css 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:00:13 GMT
server: nginx
etag: W/"64df5d4d-2c24"
content-type: text/css
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Tue, 05 Sep 2023 18:19:12 GMT

GET
H2 200 bundle.js Show response
accounts.ukr.net/widget/login/js/ Frame 1406 161 KB
44 KB 39ms
39ms Script
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:00:13 GMT
server: nginx
etag: W/"64df5d4d-28496"
content-type: application/javascript
x-upstream: 4210.10.20.49:5080
cache-control: max-age=1209600
expires: Tue, 05 Sep 2023 18:19:12 GMT

GET
H2 200 swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame 8270 11 KB
3 KB 28ms
28ms Stylesheet
text/css 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:04:12 GMT
server: nginx
etag: W/"5f620d4c-2deb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Thu, 21 Sep 2023 18:19:12 GMT

GET
H2 200 swPortal4.js Show response
pinformer.sinoptik.ua/js/15/ Frame 8270 115 KB
38 KB 31ms
30ms Script
application/x-javascript 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 14:54:44 GMT
server: nginx
etag: W/"5f622734-1cc1f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000, public
expires: Thu, 21 Sep 2023 18:19:12 GMT

GET
H2 200 t.gif
pinformer.sinoptik.ua/img/ Frame 8270 43 B
232 B 26ms
26ms Image
image/gif 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/t.gif
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Sep 2023 18:19:13 GMT

GET
H2 200 1_1.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8270 1 KB
1 KB 25ms
25ms Image
image/jpeg 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/1_1.jpg
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 0774d5ad85de44d8dc2783dcd533ef51356d7b200edb762b7d3dc6f3cbc41ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-507"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1287
expires: Thu, 21 Sep 2023 18:19:13 GMT

GET
H2 200 / Show response
www.ukr.net/sinoptik/102948339/ Frame 8270 0
399 B 34ms
33ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ukr.net/sinoptik/102948339/
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1692728352625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:13 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 22 Aug 2023 18:19:13 UTC
server: cloudflare
etag: "51b98b6a-0"
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges: bytes
cf-ray: 7fad1f6e7b3603b0-FRA
content-length: 0
expires: Tue, 22 Aug 2023 18:19:13 UTC

GET
H2 200 / Show response
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 7485 0
490 B 35ms
35ms XHR
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=tp7c6dXYvmrz0x0&ver=230117-2113&w=200&h=0&vw=200&ms=91.0&me=0&ref=&
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:12 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 18:19:12 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/javascript;charset=utf-8
hn: b28
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Tue, 22 Aug 2023 21:19:12 +0300

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/742150/ 2 KB
1 KB 64ms
20ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/742150/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 13564734aa913667230958b87e0acc9322fc776cfa462cecee324a0d751c9504

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

expires: Thu, 24 Aug 2023 18:19:13 GMT
date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 12:03:57 GMT
server: nginx
etag: W/"64e352ad-8a8"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 402 KB
127 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23255
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 21 Aug 2024 11:51:37 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame E4A0 102 B
450 B 178ms
52ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 7cf503e53e61fdfe8c30da45ed651c165943592a8a99b3e1626bdda668f93575

Request headers

Content-Type: text/plain;charset=UTF-8
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 134 B
401 B 844ms
310ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/LHNRP/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc86365-06.cc.colocall.com
Software: Adtelligent /
Resource Hash: 8aa1861c32f6362bbe4d9b414de164615f896b9717ca49d0c398838c38ab8264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:12 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 134

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 708ms
52ms XHR
image/gif 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=742228&site_id=17438&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=mmr8ai.zd&features=81952&vpbv=A168&lifecycle_tte=1020
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/LHNRP/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc86365-06.cc.colocall.com
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:12 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 /
go.rcvlink.com/err/ Frame 7485 43 B
146 B 28ms
28ms Image
image/gif 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=230117-2113&ms=178&text=!responseText&ref=
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx / PHP/7.4.33
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

hn: m1
date: Tue, 22 Aug 2023 18:19:13 GMT
cache-control: no-store
server: nginx
x-powered-by: PHP/7.4.33
content-type: image/gif

GET
H2 200 runtime.js Show response
upst.fwdcdn.com/js/ Frame 8270 408 KB
122 KB 28ms
28ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/runtime.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:47 GMT
server: cloudflare
age: 20943495
etag: "637656b3-1e6e9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fad1f6ebace2bd2-FRA
content-length: 124649
expires: Wed, 21 Aug 2024 18:19:13 GMT

GET
H2 200 ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8270 149 B
339 B 27ms
26ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-95"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 149
expires: Thu, 21 Sep 2023 18:19:13 GMT

GET
H2 200 term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8270 389 B
579 B 33ms
33ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-185"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 389
expires: Thu, 21 Sep 2023 18:19:13 GMT

GET
H2 200 s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8270 185 B
375 B 34ms
34ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-b9"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 185
expires: Thu, 21 Sep 2023 18:19:13 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 156ms
80ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Aug 2023 18:19:13 GMT

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 1406 58 KB
17 KB 35ms
34ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?64280814ffe96cfa63b8
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:00:13 GMT
server: nginx
etag: W/"64df5d4d-e602"
content-type: application/javascript
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Tue, 05 Sep 2023 18:19:13 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 103 KB
16 KB 882ms
882ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3756373027337786&correlator=3339841904687979&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C120x600%7C160x600%2C300x145%7C300x175&ifi=1&sfv=1-0-40&fsfs=0%2C1&fsbs=1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692728353141&lmt=1692721153&adxs=130%2C995&adys=89%2C446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=1600x4936%7C300x145&msz=160x-1%7C300x145&fws=512%2C512&ohw=0%2C0&ga_vid=1379358869.1692728353&ga_sid=1692728353&ga_hid=547795144&ga_fc=true&dlt=1692728352376&idt=718&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=3371586687%2C216364347&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

489e1fc6b7736032fd652cde5622c189db1fb2e552dde56159c597a8cc1b72b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16551
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BDF8 6 KB
3 KB 101ms
28ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:13 GMT
expires: Wed, 21 Aug 2024 18:19:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icon-top.svg
upst.fwdcdn.com/img/portal/main/ 525 B
405 B 33ms
32ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 70013
etag: "637656b5-13e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6f7bf32bd2-FRA
content-length: 318
expires: Tue, 29 Aug 2023 18:19:13 GMT

GET
H2 200 bg-main-static.png
upst.fwdcdn.com/img/ 10 KB
11 KB 29ms
28ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/bg-main-static.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 10:54:06 GMT
server: cloudflare
age: 377568
etag: "5ea80b4e-2962"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6f7bf52bd2-FRA
content-length: 10594
expires: Tue, 29 Aug 2023 18:19:13 GMT

GET
H2 200 favorites.svg
upst.fwdcdn.com/img/portal/main/ 673 B
450 B 30ms
29ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 376946
etag: "637656b5-16d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6f7bf72bd2-FRA
content-length: 365
expires: Tue, 29 Aug 2023 18:19:13 GMT

GET
H2 200 regions-star.svg
upst.fwdcdn.com/img/portal/main/ 830 B
566 B 30ms
29ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 376946
etag: "637656b5-1d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6f7bf82bd2-FRA
content-length: 470
expires: Tue, 29 Aug 2023 18:19:13 GMT

GET
H2 200 currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 3 KB
3 KB 30ms
30ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 375679
etag: "637656b5-be5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6f7bfa2bd2-FRA
content-length: 3045
expires: Tue, 29 Aug 2023 18:19:13 GMT

GET
H2 200 arrow.svg
www.ukr.net/img/portal/main/ 233 B
331 B 36ms
36ms Image
image/svg+xml 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ukr.net/img/portal/main/arrow.svg

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 115309
content-length: 188
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
etag: "637656b5-bc"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6f7d3d03b0-FRA
expires: Tue, 29 Aug 2023 18:19:13 GMT

GET
H2 200 orakul-sprite.gif
upst.fwdcdn.com/img/ 7 KB
7 KB 27ms
26ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 131153
etag: "51b860f4-1ad2"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fad1f6f7bfe2bd2-FRA
content-length: 6866
expires: Tue, 29 Aug 2023 18:19:13 GMT

GET
H2 200 html5objects.js Show response
upst.fwdcdn.com/js/ Frame 8270 555 KB
136 KB 29ms
27ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/html5objects.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:48 GMT
server: cloudflare
age: 20943494
etag: "637656b4-21ee1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fad1f6fac472bd2-FRA
content-length: 138977
expires: Wed, 21 Aug 2024 18:19:13 GMT

POST
H2 599 acquire Show response
accounts.ukr.net/api/v1/token/verification/ Frame 1406 27 B
121 B 34ms
32ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-upstream: 4210.10.20.48:5080
date: Tue, 22 Aug 2023 18:19:13 GMT
server: nginx
content-length: 27
content-type: application/json

GET
DATA 200
OK truncated
/ Frame 8270 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bfefe36da5d18dcd93d65bd24cc4e5fc186980ab5bce87c3e5c87cb34c07e8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 98C8 15 KB
6 KB 169ms
87ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 272142
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 98C8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=RmRk_HxvdjRQSlBmdUd1dUxHc3ZHSXRadlFUclJESW1EYzhiY1ZXS0l4Smo5TXJuRHJ6YWI4WWhMa3A1VitCZW5aZlRKUFpNTnFuZzZKcnpqeWRHYkNaNXVaSTg0MmxJMlE1aVNiWnJFUC9qaXE0c3pCNGZSU0lESkx6Vj...

425 B
652 B

96ms
29ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RmRk_HxvdjRQSlBmdUd1dUxHc3ZHSXRadlFUclJESW1EYzhiY1ZXS0l4Smo5TXJuRHJ6YWI4WWhMa3A1VitCZW5aZlRKUFpNTnFuZzZKcnpqeWRHYkNaNXVaSTg0MmxJMlE1aVNiWnJFUC9qaXE0c3pCNGZSU0lESkx6VjZlMUNiUTJMREZhNHhod0VmUExCdVpYclNaTjU2V2FKUXZXV1V4RGoxaHl6QkZ6S295UEFxWkFFTW02RVFmS0Noa1N4VldDQkdhQjF2dXd6VHBXb0srVXJvczVrWGd6UjhYZVN5YS9ObHk4M3ZwTDJQbkNodGpNNGkwWDlFSmphVTM2eTFOc3NpbzFvMzI5Q0k3dDQ4TjZBOXFENmNxZz09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f334ea319a56bec9b2a2d5942670b93a0b90a3fa74ab851c15d7f0c7fffe9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1192964
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=RmRk_HxvdjRQSlBmdUd1dUxHc3ZHSXRadlFUclJESW1EYzhiY1ZXS0l4Smo5TXJuRHJ6YWI4WWhMa3A1VitCZW5aZlRKUFpNTnFuZzZKcnpqeWRHYkNaNXVaSTg0MmxJMlE1aVNiWnJFUC9qaXE0c3pCNGZSU0lESkx6VjZlMUNiUTJMREZhNHhod0VmUExCdVpYclNaTjU2V2FKUXZXV1V4RGoxaHl6QkZ6S295UEFxWkFFTW02RVFmS0Noa1N4VldDQkdhQjF2dXd6VHBXb0srVXJvczVrWGd6UjhYZVN5YS9ObHk4M3ZwTDJQbkNodGpNNGkwWDlFSmphVTM2eTFOc3NpbzFvMzI5Q0k3dDQ4TjZBOXFENmNxZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 244737
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 351ms
70ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d33c12edd162a0156a8e7ad0705ec33ad6d96779629a0fc75dbd1beb0daeaa88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11725
x-xss-protection: 0

POST
H2 204 rum Show response
www.ukr.net/cdn-cgi/ 0
140 B 107ms
107ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: application/json

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ukr.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fad1f71d94a03b0-FRA

GET
H/1.1 200
OK vr Show response
ghb.adtelligent.com/ 48 B
314 B 50ms
49ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/vr?bids=18960
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/LHNRP/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc86365-06.cc.colocall.com
Software: Adtelligent /
Resource Hash: 7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:13 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 48

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 144 KB
28 KB 615ms
615ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3756373027337786&correlator=1698331911706216&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600%2C300x145%7C300x250%7C300x400%2C300x600%7C300x250%7C300x400&ifi=3&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692728353850&lmt=1692721153&adxs=995%2C995%2C995&adys=196%2C1138%2C2119&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=300x250%7C300x250%7C300x0&msz=300x107%7C300x145%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&ga_vid=1379358869.1692728353&ga_sid=1692728353&ga_hid=547795144&ga_fc=true&dlt=1692728352376&idt=718&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=2774844501%2C3317177319%2C3449700283&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28d3081a71978cd1d51ffe679261b6f1300f3387929dd100f55cd52478b8cf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28495
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 1 KB
726 B 49ms
49ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=463288&aid2=812819
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/LHNRP/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc86365-06.cc.colocall.com
Software: Adtelligent /
Resource Hash: f97887d2a8df37c23cfab962acf865d2eda181a49d6ac742cc7de95197e223d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:13 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 420

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 102ms
31ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Aug 2023 18:19:13 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6ee3b7d8e70fe77d

35 B
349 B

132ms
29ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6ee3b7d8e70fe77d
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 22 Aug 2023 18:19:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6ee3b7d8e70fe77d
Date: Tue, 22 Aug 2023 18:19:13 GMT
Server: Adtelligent
Etag: 6ee3b7d8e70fe77d
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 382ms
118ms Image
text/html 44.205.87.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.87.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-87-2.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=639f4b67-da6e-4fd2-a0a2-5cc50c89c65c

43 B
473 B

203ms
118ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=639f4b67-da6e-4fd2-a0a2-5cc50c89c65c
Protocol: HTTP/1.1
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:13 GMT
Server: Adtelligent
Etag: 6ee3b7d8e70fe77d
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=639f4b67-da6e-4fd2-a0a2-5cc50c89c65c
date: Tue, 22 Aug 2023 18:19:13 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 88ms
33ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 18:19:13 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 051D 13 KB
5 KB 23ms
19ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 17:49:56 GMT
expires: Wed, 21 Aug 2024 17:49:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9B65 829 B
1 KB 81ms
30ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a8a97fb0ba856593d81035f6a594c4dc1a11dc64cdc1b8e3f51b9d84e68b628

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hbWBz6IkQ5UZvWBOLeix_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-hbWBz6IkQ5UZvWBOLeix_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:14 GMT
expires: Tue, 22 Aug 2023 18:19:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 660E 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:13 GMT
expires: Wed, 21 Aug 2024 18:19:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9027 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:13 GMT
expires: Wed, 21 Aug 2024 18:19:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 660E 222 KB
62 KB 134ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:31 GMT
age: 61423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 660E 15 KB
5 KB 208ms
98ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:23 GMT
age: 61431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 660E 94 KB
28 KB 192ms
82ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 10:51:44 GMT
age: 26850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 10:51:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 660E 5 KB
2 KB 202ms
93ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 17:11:00 GMT
age: 90494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 20 Aug 2024 17:11:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 660E 40 KB
13 KB 200ms
91ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 17:28:18 GMT
age: 3056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 17:28:18 GMT

GET
H3 200 364911764937655237
tpc.googlesyndication.com/simgad/ Frame 660E 22 KB
22 KB 22ms
21ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/364911764937655237?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkPXdfXOVSQCVx0D7z7nCvj352JcQ

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f2fd61f02653e7bfa915704f7f0f82a478cfef7ce196c0c797703f8a945a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:47:45 GMT
x-content-type-options: nosniff
age: 45089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22283
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 09:57:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 05:47:45 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 660E 3 KB
3 KB 28ms
26ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:25:03 GMT
x-content-type-options: nosniff
server: cafe
age: 17651
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:25:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 660E 344 B
368 B 21ms
19ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 16323
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:47:11 GMT

GET
DATA 200
OK truncated
/ Frame 660E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bce5122a5ef7672c1473e34774b849e0cf704e6c8027acabbf39c9643138c2d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 9027 222 KB
61 KB 168ms
67ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:31 GMT
age: 61423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9027 15 KB
5 KB 202ms
102ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:23 GMT
age: 61431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9027 94 KB
28 KB 209ms
108ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 10:51:44 GMT
age: 26850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 10:51:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9027 5 KB
2 KB 207ms
107ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 17:11:00 GMT
age: 90494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 20 Aug 2024 17:11:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9027 40 KB
13 KB 200ms
100ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 17:28:18 GMT
age: 3056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 17:28:18 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9027 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:25:03 GMT
x-content-type-options: nosniff
server: cafe
age: 17651
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:25:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9027 344 B
368 B 22ms
22ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 16323
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:47:11 GMT

GET
H3 200 14986624540275671301
tpc.googlesyndication.com/daca_images/simgad/ Frame 9027 106 KB
107 KB 23ms
23ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14986624540275671301

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22038c6159222e51fb4076c4d215578bcaf35b90668fcc880c5258a980d13d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 16:26:05 GMT
x-content-type-options: nosniff
age: 438789
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109039
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 07:05:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Aug 2024 16:26:05 GMT

GET
DATA 200
OK truncated
/ Frame 9027 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f51095a34ab6bb9330c40eec1d39aac192f68b67dce85491dc3e6fcd36f0436

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 051D 37 KB
14 KB 81ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 18:12:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9B65 0
0 218ms
152ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=3756373027337786&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 660E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

2735ms
2685ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

date: Tue, 22 Aug 2023 18:19:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9027
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

2755ms
2705ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

date: Tue, 22 Aug 2023 18:19:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3205 6 KB
3 KB 25ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:13 GMT
expires: Wed, 21 Aug 2024 18:19:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7920 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:13 GMT
expires: Wed, 21 Aug 2024 18:19:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A0D 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:13 GMT
expires: Wed, 21 Aug 2024 18:19:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14986624540275671301
tpc.googlesyndication.com/daca_images/simgad/ Frame 9027 106 KB
107 KB 22ms
21ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14986624540275671301

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22038c6159222e51fb4076c4d215578bcaf35b90668fcc880c5258a980d13d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 16:26:05 GMT
x-content-type-options: nosniff
age: 438789
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109039
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 07:05:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Aug 2024 16:26:05 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9027 3 KB
3 KB 23ms
23ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:25:03 GMT
x-content-type-options: nosniff
server: cafe
age: 17651
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:25:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9027 344 B
368 B 24ms
24ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 16323
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:47:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 3205 222 KB
61 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:31 GMT
age: 61423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3205 15 KB
5 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:23 GMT
age: 61431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3205 94 KB
28 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 10:51:44 GMT
age: 26850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 10:51:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3205 5 KB
2 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 17:11:00 GMT
age: 90494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 20 Aug 2024 17:11:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3205 40 KB
13 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 17:28:18 GMT
age: 3056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 17:28:18 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3205 3 KB
3 KB 30ms
29ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:25:03 GMT
x-content-type-options: nosniff
server: cafe
age: 17651
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:25:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3205 344 B
368 B 30ms
29ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 16323
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:47:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 7920 222 KB
61 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:31 GMT
age: 61423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7920 15 KB
5 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 01:15:23 GMT
age: 61431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 01:15:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7920 94 KB
28 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 10:51:44 GMT
age: 26850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 10:51:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7920 5 KB
2 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 17:11:00 GMT
age: 90494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 20 Aug 2024 17:11:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7920 40 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 17:28:18 GMT
age: 3056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 17:28:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7920 14 KB
2 KB 105ms
42ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 17:08:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 18:19:14 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7920 3 KB
3 KB 26ms
26ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:25:03 GMT
x-content-type-options: nosniff
server: cafe
age: 17651
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:25:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7920 344 B
368 B 27ms
26ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
age: 16323
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:47:11 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DC18 624 B
826 B 74ms
59ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUMF12MtoErq8rQEEfxkrwKpSCCip4N1vTPd1pDAMlVZfZMqujW8IMSuX8d8HlXS0oiQZTcewznYsQ1RwfZWayHnqArM4AtzwB9yHEfYvAZhako4eMoUxuxmhECOC4l7M1HlsgS6lHf6SZGjs4jXkEnjRoa3NS4JZlBEzTLYLWI5UTfILY

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:14 GMT
expires: Tue, 22 Aug 2023 18:19:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 85C5 86 KB
29 KB 176ms
172ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 18:19:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 85C5 3 KB
1 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 16:11:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 85C5 20 KB
8 KB 35ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 16:49:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85C5 181 KB
57 KB 98ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 18:19:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C5 42 B
63 B 129ms
119ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTPYVDMmr-9e2UptkKJxyakKRI2nDIZbvdQ040CYr1UAC2uIyPWo3VZk2dGpV5_-l016OkvETz6PvdJliM3MDY2MBrMqEn9TVW00ShB-gAQKviFbs

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C5 0
20 B 129ms
120ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9864069048451349000&x=1&ct=77

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7395641325920582800
tpc.googlesyndication.com/daca_images/simgad/ Frame 3205 38 KB
38 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7395641325920582800?w=360&h=720

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0253d57bc1748b9f7cc25b42eb30c1f20565f84fd514b65b4cc93ce61fffe8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:42:38 GMT
x-content-type-options: nosniff
age: 254196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39297
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 18:31:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Aug 2023 19:42:38 GMT

GET
DATA 200
OK truncated
/ Frame 3205 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 114304de54f86287e7b392e41d8ef1c214a616846a764c22b669ba0c5f47acc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 051D 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bkeVcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 660E 0
0 69ms
68ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8YJ1IfzkZJLQC4mfgQeL-pSoBvLi1KBsi5iTo_kRZBABIIjZs5gBYJXy_YGUB6AB05yJ0APIAQKpAhjmkzYQMrI-4AIAqAMByAMIqgT5AU_Q8hmN31bidRg-opO-S2sV6OyvlWE9J0Abr73EinOsWBu77_VAZ0XG1BM2mnHAy2-Z452wAvjqLW5JvkFkORcARSfVM9-3YoiVZlD0XMYM0WSN524ls4QtckFDVKBmqEr62BkIS9pT1hEbqCRcZG5YdiOup5nqPU0HjATK1ndo9LVqlJzgwJvAgTJkduibmWQGJ5A1zRfKA48mvJQu1Las6PVbAuZSsngfWoGznGHIQpVFP4On970O8B9bWSpuHdLEtEaZpojpdpyZqx4iXT27jLWESMzCqGHVPVNSc7XI4FjQ9SABnJVgFAMkCyRtpXv67AOzYzCsVsAEscHR4bME4AQBiAWd6tH_Q5IFBAgEGAGSBQQIBRgEoAYCgAeV4_YvqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ9P4L0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJUmh0dHBzOi8vd3d3LmJveHNwcmluZy13ZWx0LmRlL2JveHNwcmluZ2JldHRlbi1mYWNoZ2VzY2hhZWZ0L3Nob3dyb29tLW9iZXJuZG9yZi1hLW6ACgHICwHYEw3QFQGYFgGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=bBjFPpg82WU&uach_m=[]&ase=2&cid=CAQSTABpAlJWFSgPB0AAoxgXgMoLB7rZHRGElCkK5Lp-tqnCkPOfhA0gq7zraBBudxro-8ueJbibCBrFYzt4_0u7MLlsSUcGUR67s1gozNwYAQ&cbvp=2
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9027 0
0 70ms
70ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CI40YIfzkZJPQC4mfgQeL-pSoBu-azsJyjtXEzfUR6f2J1NM7EAEgiNmzmAFglfL9gZQHoAGDkuWTA8gBAuACAKgDAcgDCKoE-gFP0MpmJx8L6bYoLxuWRM9zWQ3nxwK0-OJ-276fsWUslGTmOQhDu5k-g8Ie4BaXe1KIuT_WT1nUXLKt_l0-GsziyvzOB7koD-ugdnb0AOnMLxTFXeXQCHnEaZ48lQ86-YgyLXQuELmk03Q6x6ov96jeupAwkFWrFcIA9xBDIgzsLo_amg1Ow6b59Ta6ETMZwlIyRRp5iB4cxyvqgLCdFra76ImuqulTe_RDII6AgckjoTBI35NafkD1CDuYuMFnQhOnWY7uW7eKs1gK0ftgOASxAt6OpUTHUjIBUBFxuo-RUY5-ZZxRzpxoQVDxv_gFpxooiyDGMwRgx1nJwATbmP7cuATgBAGIBb_S6ZxMkgUECAQYAZIFBAgFGASgBgKAB4OjtI4DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQj40F0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJ9wFodHRwczovL2RlLnN0eWxld2UuY29tL2NvbGxlY3Rpb25zL2RpZS1tb2RlP2FkcD0xNTc3NTk5NiwxMzkwNDA2NSwxNTg5MzE4NCwxNTYyMTE0OCwxNTg2OTU5MSwxNTg2OTg5NywxNTg3MDA1MCwxNTgwMzc4NCwxNDAyMjc5NywxNTY5ODY3NiwxNTc2MjMwMiwxNTc2Mjc5NSwxNTg2OTgyNSwxNDc2Mjg2OSZhc3NldF9pZD0xNzQ4ODg0JmNyZWF0aXZlPTY3MDAyMDQ0MDg1OSZ1dG1fY29kZT1HOTE3OTkyNTU3OVZIODA5OTgxMTE3MDY0gAoByAsB2BML0BUBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=0MPo3Gy3LJw&uach_m=[]&ase=2&cid=CAQSTABpAlJWFSgPB0AAoxgXgMoLB7rZHRGElCkK5Lp-tqnCkPOfhA0gq7zraBBudxro-8ueJbibCBrFYzt4_0u7MLlsSUcGUR67s1gozNwYAQ&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9118233027301288181/ Frame 7920 20 KB
20 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9118233027301288181/14763004658117789537?w=400&h=209

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bc7855542275b7d67fdd531837f2108daa5985e90b97ff67d49da619502bb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:45:07 GMT
x-content-type-options: nosniff
age: 297247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20716
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:27:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 07:45:07 GMT

GET
DATA 200
OK truncated
/ Frame 7920 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7920 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7920 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe020ad33fee708670d658bbe07bb91dac7cd0875e14171309e9afd0de8d96eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXEfwDdvi4Lu7NtNa068u4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXEfwDdvi4Lu7NtNa068u4&google_cver=1&C=1

43 B
766 B

45ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXEfwDdvi4Lu7NtNa068u4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUMF12MtoErq8rQEEfxkrwKpSCCip4N1vTPd1pDAMlVZfZMqujW8IMSuX8d8HlXS0oiQZTcewznYsQ1RwfZWayHnqArM4AtzwB9yHEfYvAZhako4eMoUxuxmhECOC4l7M1HlsgS6lHf6SZGjs4jXkEnjRoa3NS4JZlBEzTLYLWI5UTfILY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 18:19:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 18:19:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEHXEfwDdvi4Lu7NtNa068u4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC18
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOT8IuSg9T63Wog97zaLRgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELRAMHOkCB90NXC5mfNMHsg&google_cver=1

43 B
766 B

21ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELRAMHOkCB90NXC5mfNMHsg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUMF12MtoErq8rQEEfxkrwKpSCCip4N1vTPd1pDAMlVZfZMqujW8IMSuX8d8HlXS0oiQZTcewznYsQ1RwfZWayHnqArM4AtzwB9yHEfYvAZhako4eMoUxuxmhECOC4l7M1HlsgS6lHf6SZGjs4jXkEnjRoa3NS4JZlBEzTLYLWI5UTfILY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 18:19:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELRAMHOkCB90NXC5mfNMHsg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame DC18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG334QmQS6jRGJW9Ls1Pk88&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG334QmQS6jRGJW9Ls1Pk88%26google_cver%3D1

43 B
893 B

32ms
31ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG334QmQS6jRGJW9Ls1Pk88%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUMF12MtoErq8rQEEfxkrwKpSCCip4N1vTPd1pDAMlVZfZMqujW8IMSuX8d8HlXS0oiQZTcewznYsQ1RwfZWayHnqArM4AtzwB9yHEfYvAZhako4eMoUxuxmhECOC4l7M1HlsgS6lHf6SZGjs4jXkEnjRoa3NS4JZlBEzTLYLWI5UTfILY

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
an-x-request-uuid: b04ba706-4e72-47d5-b441-57496e14c27e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.25; 217.114.218.25; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
an-x-request-uuid: b928ce78-7cc6-4b20-b4a3-696e00d44ff5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG334QmQS6jRGJW9Ls1Pk88%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.25; 217.114.218.25; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DC18
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3MTA3MTk3ODEwMjMwNTQ5NQ%3D%3D

170 B
243 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3MTA3MTk3ODEwMjMwNTQ5NQ%3D%3D

Requested by

Protocol

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
an-x-request-uuid: 5f955cea-9182-48c5-bd3d-c6058b888a0e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3MTA3MTk3ODEwMjMwNTQ5NQ%3D%3D
x-proxy-origin: 217.114.218.25; 217.114.218.25; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7920 33 KB
34 KB 138ms
82ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 306913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:04:01 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
222 B 56ms
56ms XHR
text/plain 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/LHNRP/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc86365-06.cc.colocall.com
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Tue, 22 Aug 2023 18:19:14 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C5 0
20 B 125ms
125ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1982923038431&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C5 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1982923038431&version=m202307240101&ct=77&x=1&cor=9864069048451348000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ad.doubleclick.net/dbm/ Frame 85C5 16 KB
12 KB 153ms
78ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQCca6D4UhnB0o2_sBIrPxBb7ZhKnCc3LurX2GWj_QY5UyjnvZAT_s3KzZqd2ux1449vsmPd4esfgBxNK6N2gVhRkXTSsB8lRZH19M5ZQYx53swfw5ct3gp5ogZ6BsFFowee4yY9QkiKH2fJN85yfSarxR9KIMykU2lCeVk5CrflV_E54&cry=1&dbm_d=AKAmf-CQj3uT30i0cuzjoIOfiG2FMRuuEZgOfSNx1bUqTbm0cHdryFDx5gfKJfEio5e84rXe2QbrG5y4Va6LCGQAj5ikt8B2zKAox8--ngLNlmoICFGf-LiFx4lX_UD54GtkSM4ImAlCJv4B9miqKluF99zdyS18Z12pEMyQS1yglm6LC_KYvJ5tD-40N8NZt6wYajQEFeb0WAzYMEq_iQItRxO9NdLNS4bh3BjPh9aF-k1eNZtIXWNdpypEfGQIJN6RlCa8FG0wBhoumVZ6k0z4_mZko2SWk1ScXIXy6wBl8R0RdkV5zmLgIsf8mvbpANw3SHOQ-E3IkCSmx6X8r1rheD3--5rn6pJUMg9CFNTBXXS9Injz_mheXU8jhQTvYAUURF51m94CAFx91m0nkBgh8C0k8ZfvRGeaADRhzAcgT9MjwA-axXiWUEjZhvaUlfNxljdjZQ3dPddNKfxguD8Cf4ylMgUaLuuuVZJxRzcln-CgrFsF9uat6LQIpgK7m07gnz5Q0_WtgCMZwAO6vZlO2CNNeOTdQsSgx_-_MbVLje-c22gSCTPLtB5YgG1KqmkXk3PppnLZBtyI8mw_2M1QVKJ7UuYN5IvdepwIga1hCutCvrx14uRRzKmHuQ_qXwJQvvgnWikDogcBQ3XF3j6sD4hnljjggsWjGLQy4vwqUQShLp2a8lqnh5jOGDmi1Q9w_eyPRp0tnVDW7aphhFnz5z4mE_Lu-_nRf_zzvEt6BAIiByyiS-niDqKb5tae_3MD7UgM-t3NB0NEC3hHYM-31sK11icqK2UQBxnemRVx6_w4giCAXihu1rxolK1ZDOnj3ItkSyEhyCUMPF-XIfTb4zTefsL3k20oscRYo605-4K2R0_QuYJp5QDHdOpO84FSmENS7KTQiHSYdISXpWGEgrfxz0SvZGx9T3S5WD8RMhbK6aK1grX7tbSpCXHnpb9KOv4wE_a1K3FNDaPRILEo1Pof0lheX5q6OknYiFNk14vCPJFsZhQnqKj11-ic-8BROdJ2EXsmI5B1CrHN8J6GGRe-_zlgn_1FMoZ1X8D3r_3LD8lyFpSt8FIlyI6okkVtoRiIHE3Smz9dg-MeQmQ2ieLze9DBLNafTjVyElzByfvoACDsPj7qooL04q9rTenXlgGPKMj03xVUQxicJFkGpKj9vyYBHpOg92BWdAhQ6DHhHkBe5plfiYR8knKXG2JAy7CYQzNMYPBLq2ydAU9lzaXR2k1FHD-M1uwQZlXeMbrJhcGVY-9JkzMJ7y7-kmjPKCtDPD3wE2EDn0DrbGndt9Y9n3ZIylg-gq-sJMWiZZmF6TV9psyOtZS8D8Sy7Oa9mxqqybDuUhLvVqnswkYzs4BIapla6riM_jE035gBXYa_jPU7GbQb5OHm3WBt344gyO3nbgKOm2qY9Uxmfq_IWuYSdNFGhM7WqRtTW6fkiKWDFTsjiCAM6PumaHKutgn4E-hXpMNmC12i4PajruH2Dk94uTO5IsImYiy0T8cba-9WZxtDihDUM7i2uQAIqatq1UpJifoeoiBVvXdNogdRYLWGPKczhh6mbfOQvK96D54zcWjQLYT_HhXcKBKZ0XKuF8suOZsLgg3GWNddKHdoZKofUT37CSUfD-AMy9IucmKD1RdAVzE6LIYrtxHlCr6N3WrYIbZ2_71Gb5aHhKSDNxuG9_Q-yZqERjrErFMIGawvNjwvjWzawcJJUrd_RPToZaWEN9lMA5aYSo2GzK7uRM7-NqpCDs4gsyJDNvGjuWD-TfgAtXp-VtyakrIKcBOxbLKpOnsuBgfa9A7o-PqJZ-SRutnrWwDRFWYKSyg7AjjlcJXt4dQECsjTVflD1yTX6HJPeZW8B-F2MisSpUvV0m_wB4e7q0F3kvMAxPh9rRQGSpmR6hwK9GmqOdTh9snd_0_Xk2m_8o0wrJanBUcwiPZCy7Rrt63hFqizbJwnakwoKtQ5H6V1nW8VUhjpWMy9OHtqTh6um0GjtE7-5ZhLLuSHzXLHt-l2V8YFok9DjVXnhlY9H5tshzlgyRJioJCK4Mtcku6XNEW9oyDosLZsbuJLM3EOpDVZxbyDZkUkL4AyAlF8RHBeUvT9FASsv-aUGndg-I8PFaTcfs3o1skWkr9_6Ka6fPeuKuHT2_ADlvNSOGfe4V22f5rcQEPXO_9HX_86ynEuL7PsrhNrdRpp3PUJMTKvbVMq36MU_VW81Y4AWTJuNni9ygZD8x2aB0nkIA6jPmtWx7b7Mxjl7K_eJXS9CrB3aInBMNdgxK_wXte1ilUt8cE0AFsEbXkcsPxZ4kxskuSnLN-fp8BxD0BixOaN42LgLvLAhnJXmPjLYjFCs6EifJMa0Xa5pqUvo3baURp4ZMAv9-wvYhTLRDxU9BpAr5s1GmZS6NzNs83uBvSOWHnuJ5TESMO3A7udETNx4eO8badinbDYffMooS1NyTa9yUMvBxpdukQCUUmkoYOmj_8LttMOpAmUptlITNluuSlnDtcFfg3aasaM7hgDsJJeie7NfxIZ7TdZH-KvzimekDkBb9djRhfa1Z-pLZqH4PtCDaEpeOoz-2pwhAd6Rs3T-4RFquz5F8kw6J70t5h8Aeg34pIXlHVm5ur84cT5ac_09F8fM8bVdzbJH06wFs3b_GEcEboFRR9NnNqhMNoIvzYIJp7sCsxUXnCYvUMGyhbp12Psckptk6JZDVTohFull0BadvTg1_dSXyqLeB7KnKxDSBFw3xlxVKFF0vQBChbgqJhwaFH6xf6dHJOuGlF4Ymnfg9qer4h56fQcp1LAFTs6GyK__ErA1YtI105OnD_ChO18fWH5YKYsdgBit3Vmy7dDTRnpSnpweWNErffMmbWdlWfr927NRb_FfmBjppYFRnMg4VQ0AYXlPvRAVoYQ5EeQ5ozBQm8RmdEq6lVcjQNTkNqyBKQuGPcZR5AUTaps0DdAcxMsUGzgUOlk9tlugM_HCmVSRsNEFsL8R4xr8eZwoXx1yj9pQZ4OAXXzmP2LizYVnFlMkwJF9wRBKqDxVF18P_z1Amz0al752jtaCJmAcd6Dc4QuKggxePcl78ZMGXSxeucDnrtwpX68AFJ2QQMOvOXlv06Sz-X2BKYWYjv89JlrQ3xpqkXuO4roAyR-31fj7bzE6LvM8lSeIg5qT6z04Hcxv7NUaDX2JgcFVdhgzzTK7NMdyc4K7zqwrH9OEDgkVCDMcJQ7KMoMPHtOGVBt8LNVRSlEBhwcKcRVIH6NwAZqPjyjtCqDN7GrQSjz2ccL6YBRiFOpjVm5Y3W1lvaHEBkKWAR5BA3EKwbzb-p0wXJFniIPhhwglfa2LWBjVM98Ci55Xea6-7MTPIIV2krb5CM6P9S0_WRZdv84SdjAjewg6sd9LQNFAml5_pRdLlbuW8mLSXGiOpkxamecV5KTZDOBfTG496mOmyutC3JYd7xzWLPdDDsv7V_3_l3NRTa6rWGwj6Ep9gITt3A26w0kBSl4nIZuIl8sU08tOkhkfd7AccLp1MFZNgDmL1doR3IyPvN_TECFHthteT7Yk9vjn4VLgIV2C_tJ5OsT86ZpVRnZeJChe8739oXFBuMURIUoFVPKRssPHdz_TybIJs2SAcORQ4CU9Wvb3h9RV-2BviaIV0FxpT78Qci9kOQuOff85K-EH7F-NMNAnIy9ccN8eE6esXchsHNX0-6ayLACfNEc4efbb27-t8INJnAN3lNalexSr3lc3VAMByEEfKrbq2nSxXI0indggAPqOFTXUInp6vnI2xJNsLotOU0t5QXU50VjZGZPIwBA8i6-Ghr0tRIerrjWILB2uoeY5sgiDgvncGjPEOijY1qI6-WBWOigVFyRblgwSdOLrth8NvpO5u1kLNLv8kqhpRhkfVXkXLEiXevvJhaYlBGkJYqh2tvpbgHBuXQsmgkoKKriFss0GeJvtvvN7PLq3UDR2TsQPzjc04VmwVGp_E4tkmFPwN8QOUYAA0gVZdKk_aEbZ4UWpha3NCZ6EbK9PCl7bV1OdM967p4lAAbQhziKk0kQhApexbLXkZgMam_JBXWUeJ5dIa-_GdDpno0Ou70Lw8ehcWz1IdwTqAI_Ctt1Yk3FNwA1XYLrrUuSfmLhtL-U0jO8IyhAkC7koFDq4mPegUts9MaO5EUn_l_yTIF0McB74_82HTTenTbkY4O3MpAsgG4eeoVIAsGIMDnuj0R6ylCtQkhX8X6Hyq6ZtCvuqjEyie0A&cid=CAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=9864069048451348000&adk=1935140218&idt=193&cac=0&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ba33361129d0ccca0d52ffae2b70695c9968dfa430ea4be13a2fbe772510d212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3205 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoWJTIfzkZJrjONjngAfQtLnoBPDI48Ryj7b-xtkRiPHQzp8_EAEg55_DmQFglfL9gZQHoAHp_fXPA8gBAeACAKgDAcgDCKoEgwJP0EACz-AE6et8yS2SWa_W0Dq7Ha2lbEfLUSXUR2o7COs03t1zgHUO3WL36D65foMKoXdYFds-mS2R_r3VzQHXU4qi92crJizp_Hc1A-53OAF8ER2PXoxBKArzZjQGPGlXjDGHwgRNeDPQwEnJl6HV_6JsxvwRykUDnogg36taip8Wqz_EtKFft2Feh7tQVeN8A59OJovlZdnf7V7UPCcSvHWYpg2U22NuUIkA8YTxkd3ONLH9ennbzIpbUQXtHr3u3Yf2TZQrU_FdRakmnaWGDm-n9L0OApxJ5_FBq1zduOyaA65SLYjv0pYfez4LFaFaR0uUM43UG19cAuok4b3_HREMwATgg8v1zgTgBAGIBYzn1YJMkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4qaxJwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQm6hF0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJO2h0dHBzOi8vc2VhcmNoZmF2b3JpdGVzLm5ldC9pbmRleC5waHA_cmdpZD02OTMyNTAmc3ViPWdjbGlkgAoDyAsB2BMM0BUBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=aHaq0rBpYHM&uach_m=[]&ase=2&cid=CAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7920 0
0 72ms
71ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuriWIfzkZJflONjngAfQtLnoBPDI48Ryj7b-xtkRiPHQzp8_EAEg55_DmQFglfL9gZQHoAHp_fXPA8gBCeACAKgDAcgDCqoEhgJP0CbtgcW7qW9AXivkhvwbB1Aultx-kCHaI-PTm64gcBzEs34Q_TT-e-K-Uasm1g93Zl8Q6KHbbgXcC-c4unxCdTKzM1WTS7bxNxflree6x-ZX7328NWkfvRPERE99puie87Z4eQP0AFCtP9TFM351sgOzxVAQq-o4ZhKcBY-QYV3h9iFn0Vxd1_6zTvdE9XeITRiwCE6Zrq9irhAtU_dcdPI6HhPQy9IllmArJGgXkymH3vA0bIqUEgS5CXRifWVcyzN2U2Q7FuRqNDDUXCA5K5_2Wj1rqt9gW2QnTO-IsuQnnutUQ0pE7MpEZI9FQd4_p5mPWdC4J4fubmfTSqFPz1I1aG_2wATgg8v1zgTgBAGIBYzn1YJMkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4qaxJwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyK8S0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJO2h0dHBzOi8vc2VhcmNoZmF2b3JpdGVzLm5ldC9pbmRleC5waHA_cmdpZD02OTMyNTAmc3ViPWdjbGlkgAoDyAsB2BMM0BUBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=tAsEwcxX_18&uach_m=[]&ase=2&cid=CAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB&template_id=5000&cbvp=2
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 85C5 41 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQCca6D4UhnB0o2_sBIrPxBb7ZhKnCc3LurX2GWj_QY5UyjnvZAT_s3KzZqd2ux1449vsmPd4esfgBxNK6N2gVhRkXTSsB8lRZH19M5ZQYx53swfw5ct3gp5ogZ6BsFFowee4yY9QkiKH2fJN85yfSarxR9KIMykU2lCeVk5CrflV_E54&cry=1&dbm_d=AKAmf-CQj3uT30i0cuzjoIOfiG2FMRuuEZgOfSNx1bUqTbm0cHdryFDx5gfKJfEio5e84rXe2QbrG5y4Va6LCGQAj5ikt8B2zKAox8--ngLNlmoICFGf-LiFx4lX_UD54GtkSM4ImAlCJv4B9miqKluF99zdyS18Z12pEMyQS1yglm6LC_KYvJ5tD-40N8NZt6wYajQEFeb0WAzYMEq_iQItRxO9NdLNS4bh3BjPh9aF-k1eNZtIXWNdpypEfGQIJN6RlCa8FG0wBhoumVZ6k0z4_mZko2SWk1ScXIXy6wBl8R0RdkV5zmLgIsf8mvbpANw3SHOQ-E3IkCSmx6X8r1rheD3--5rn6pJUMg9CFNTBXXS9Injz_mheXU8jhQTvYAUURF51m94CAFx91m0nkBgh8C0k8ZfvRGeaADRhzAcgT9MjwA-axXiWUEjZhvaUlfNxljdjZQ3dPddNKfxguD8Cf4ylMgUaLuuuVZJxRzcln-CgrFsF9uat6LQIpgK7m07gnz5Q0_WtgCMZwAO6vZlO2CNNeOTdQsSgx_-_MbVLje-c22gSCTPLtB5YgG1KqmkXk3PppnLZBtyI8mw_2M1QVKJ7UuYN5IvdepwIga1hCutCvrx14uRRzKmHuQ_qXwJQvvgnWikDogcBQ3XF3j6sD4hnljjggsWjGLQy4vwqUQShLp2a8lqnh5jOGDmi1Q9w_eyPRp0tnVDW7aphhFnz5z4mE_Lu-_nRf_zzvEt6BAIiByyiS-niDqKb5tae_3MD7UgM-t3NB0NEC3hHYM-31sK11icqK2UQBxnemRVx6_w4giCAXihu1rxolK1ZDOnj3ItkSyEhyCUMPF-XIfTb4zTefsL3k20oscRYo605-4K2R0_QuYJp5QDHdOpO84FSmENS7KTQiHSYdISXpWGEgrfxz0SvZGx9T3S5WD8RMhbK6aK1grX7tbSpCXHnpb9KOv4wE_a1K3FNDaPRILEo1Pof0lheX5q6OknYiFNk14vCPJFsZhQnqKj11-ic-8BROdJ2EXsmI5B1CrHN8J6GGRe-_zlgn_1FMoZ1X8D3r_3LD8lyFpSt8FIlyI6okkVtoRiIHE3Smz9dg-MeQmQ2ieLze9DBLNafTjVyElzByfvoACDsPj7qooL04q9rTenXlgGPKMj03xVUQxicJFkGpKj9vyYBHpOg92BWdAhQ6DHhHkBe5plfiYR8knKXG2JAy7CYQzNMYPBLq2ydAU9lzaXR2k1FHD-M1uwQZlXeMbrJhcGVY-9JkzMJ7y7-kmjPKCtDPD3wE2EDn0DrbGndt9Y9n3ZIylg-gq-sJMWiZZmF6TV9psyOtZS8D8Sy7Oa9mxqqybDuUhLvVqnswkYzs4BIapla6riM_jE035gBXYa_jPU7GbQb5OHm3WBt344gyO3nbgKOm2qY9Uxmfq_IWuYSdNFGhM7WqRtTW6fkiKWDFTsjiCAM6PumaHKutgn4E-hXpMNmC12i4PajruH2Dk94uTO5IsImYiy0T8cba-9WZxtDihDUM7i2uQAIqatq1UpJifoeoiBVvXdNogdRYLWGPKczhh6mbfOQvK96D54zcWjQLYT_HhXcKBKZ0XKuF8suOZsLgg3GWNddKHdoZKofUT37CSUfD-AMy9IucmKD1RdAVzE6LIYrtxHlCr6N3WrYIbZ2_71Gb5aHhKSDNxuG9_Q-yZqERjrErFMIGawvNjwvjWzawcJJUrd_RPToZaWEN9lMA5aYSo2GzK7uRM7-NqpCDs4gsyJDNvGjuWD-TfgAtXp-VtyakrIKcBOxbLKpOnsuBgfa9A7o-PqJZ-SRutnrWwDRFWYKSyg7AjjlcJXt4dQECsjTVflD1yTX6HJPeZW8B-F2MisSpUvV0m_wB4e7q0F3kvMAxPh9rRQGSpmR6hwK9GmqOdTh9snd_0_Xk2m_8o0wrJanBUcwiPZCy7Rrt63hFqizbJwnakwoKtQ5H6V1nW8VUhjpWMy9OHtqTh6um0GjtE7-5ZhLLuSHzXLHt-l2V8YFok9DjVXnhlY9H5tshzlgyRJioJCK4Mtcku6XNEW9oyDosLZsbuJLM3EOpDVZxbyDZkUkL4AyAlF8RHBeUvT9FASsv-aUGndg-I8PFaTcfs3o1skWkr9_6Ka6fPeuKuHT2_ADlvNSOGfe4V22f5rcQEPXO_9HX_86ynEuL7PsrhNrdRpp3PUJMTKvbVMq36MU_VW81Y4AWTJuNni9ygZD8x2aB0nkIA6jPmtWx7b7Mxjl7K_eJXS9CrB3aInBMNdgxK_wXte1ilUt8cE0AFsEbXkcsPxZ4kxskuSnLN-fp8BxD0BixOaN42LgLvLAhnJXmPjLYjFCs6EifJMa0Xa5pqUvo3baURp4ZMAv9-wvYhTLRDxU9BpAr5s1GmZS6NzNs83uBvSOWHnuJ5TESMO3A7udETNx4eO8badinbDYffMooS1NyTa9yUMvBxpdukQCUUmkoYOmj_8LttMOpAmUptlITNluuSlnDtcFfg3aasaM7hgDsJJeie7NfxIZ7TdZH-KvzimekDkBb9djRhfa1Z-pLZqH4PtCDaEpeOoz-2pwhAd6Rs3T-4RFquz5F8kw6J70t5h8Aeg34pIXlHVm5ur84cT5ac_09F8fM8bVdzbJH06wFs3b_GEcEboFRR9NnNqhMNoIvzYIJp7sCsxUXnCYvUMGyhbp12Psckptk6JZDVTohFull0BadvTg1_dSXyqLeB7KnKxDSBFw3xlxVKFF0vQBChbgqJhwaFH6xf6dHJOuGlF4Ymnfg9qer4h56fQcp1LAFTs6GyK__ErA1YtI105OnD_ChO18fWH5YKYsdgBit3Vmy7dDTRnpSnpweWNErffMmbWdlWfr927NRb_FfmBjppYFRnMg4VQ0AYXlPvRAVoYQ5EeQ5ozBQm8RmdEq6lVcjQNTkNqyBKQuGPcZR5AUTaps0DdAcxMsUGzgUOlk9tlugM_HCmVSRsNEFsL8R4xr8eZwoXx1yj9pQZ4OAXXzmP2LizYVnFlMkwJF9wRBKqDxVF18P_z1Amz0al752jtaCJmAcd6Dc4QuKggxePcl78ZMGXSxeucDnrtwpX68AFJ2QQMOvOXlv06Sz-X2BKYWYjv89JlrQ3xpqkXuO4roAyR-31fj7bzE6LvM8lSeIg5qT6z04Hcxv7NUaDX2JgcFVdhgzzTK7NMdyc4K7zqwrH9OEDgkVCDMcJQ7KMoMPHtOGVBt8LNVRSlEBhwcKcRVIH6NwAZqPjyjtCqDN7GrQSjz2ccL6YBRiFOpjVm5Y3W1lvaHEBkKWAR5BA3EKwbzb-p0wXJFniIPhhwglfa2LWBjVM98Ci55Xea6-7MTPIIV2krb5CM6P9S0_WRZdv84SdjAjewg6sd9LQNFAml5_pRdLlbuW8mLSXGiOpkxamecV5KTZDOBfTG496mOmyutC3JYd7xzWLPdDDsv7V_3_l3NRTa6rWGwj6Ep9gITt3A26w0kBSl4nIZuIl8sU08tOkhkfd7AccLp1MFZNgDmL1doR3IyPvN_TECFHthteT7Yk9vjn4VLgIV2C_tJ5OsT86ZpVRnZeJChe8739oXFBuMURIUoFVPKRssPHdz_TybIJs2SAcORQ4CU9Wvb3h9RV-2BviaIV0FxpT78Qci9kOQuOff85K-EH7F-NMNAnIy9ccN8eE6esXchsHNX0-6ayLACfNEc4efbb27-t8INJnAN3lNalexSr3lc3VAMByEEfKrbq2nSxXI0indggAPqOFTXUInp6vnI2xJNsLotOU0t5QXU50VjZGZPIwBA8i6-Ghr0tRIerrjWILB2uoeY5sgiDgvncGjPEOijY1qI6-WBWOigVFyRblgwSdOLrth8NvpO5u1kLNLv8kqhpRhkfVXkXLEiXevvJhaYlBGkJYqh2tvpbgHBuXQsmgkoKKriFss0GeJvtvvN7PLq3UDR2TsQPzjc04VmwVGp_E4tkmFPwN8QOUYAA0gVZdKk_aEbZ4UWpha3NCZ6EbK9PCl7bV1OdM967p4lAAbQhziKk0kQhApexbLXkZgMam_JBXWUeJ5dIa-_GdDpno0Ou70Lw8ehcWz1IdwTqAI_Ctt1Yk3FNwA1XYLrrUuSfmLhtL-U0jO8IyhAkC7koFDq4mPegUts9MaO5EUn_l_yTIF0McB74_82HTTenTbkY4O3MpAsgG4eeoVIAsGIMDnuj0R6ylCtQkhX8X6Hyq6ZtCvuqjEyie0A&cid=CAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=9864069048451348000&adk=1935140218&idt=193&cac=0&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 85C5 11 KB
4 KB 98ms
28ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1692728353930629&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxS7IfzkZMXmONjngAfQtLnoBKblvaBprZWcp8kP8C4QASCI2bOYAWCV8v2BlAfIAQmpAuSln-wSM7I-qAMByAObBKoEhgJP0BoZfRcrUJ34HE-YwB5v9UyQbozJgZ7-ScgPJ1lBz6-KV09GW9w3vFpXFAv-FY0Uy5M6vV0AZsxkWapQp-b2PEUL2aDKivZU797lPKvBSLAO27r_G7BcUAq3avpdEu1iQnRCss0CIlVZdgLK5lGYAKn8bToWmTFX3zTWxoIMDQOSTyODU8ugvZzuqX_nk-8hDgVhnq7vMGONTZvXX4cc-dnamCheua1zjn9ycgZ6JzGzX9rBMCXDcbCX5rHqTSYZr44h16GURMojr4aai55FsHcT5d1Z9MU0Zil5-B_9SI8De1vteu-NOEM0oda_h4Jb2127Fr_eTel-xDO9hnSDkHD0OeQ4wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhfvywfDwgAMV2DPgCh1QWg5NEAEYASAAEgJE3vD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB%26sig%3DAOD64_1rfhrAztMq_kTAV0hJYw3N07BrBQ%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-Cxw-4IyPda_a1qndvyOFeJ-UuS9K1-wIGNILbJ-N5vZ6GcTrbvD-YnB-df7F-ZBmpjb1tKbWeqVm7CWe-Z6bwGPdXoyuiNrGaGK8h8WxO3moyMtElamPLyCVKGSHyNhhxyac7NBRG-kkwi5oIhHSrK22XU7uHTbrj_QVqpzNnzVUWe9hk%26cry%3D1%26dbm_d%3DAKAmf-AZe4niW7vCA2epc-523_a7qAqI5zj_8cHRDS1Kzx4_0NW9bY578BG0eKCJc3mr8j1A2T1OHJSIvbttTczMq2Jc6QHMxiwYdoqifisU3kl8Wqfr0BFvOkgCeANcUyhySghzj0tYmCJFSEtrZCB2zyo1F7Cb44GAQ1Vey8eIoCPQNTGN8dMkF5_n3SYV_KlkyEPTjuKSDfG9PJo1Tt72KxFgTr2FQWxdnIFYqrGJ6_olhgQWDfv8iPldOfccdid2r5lS1qdeg9CwkgPWqvhdRcKddy0OGal-92fv6IR1b-HlTwPrNBn8bLXYr_1uzLvmtzxtmu30fGMXmcudlO5FsKUY8a-igqkXIht-yIZy5dX7iKJfb4H2aCOqWggq0xyM5zARIG3HrOv4d5EKfqUT1rxbeCZc2EQHbkSLUMdFCnGvpqrne4aJXXaik3JrEPwugdBHSZH7aIPWS_9r4raAYaxl6zWatzsdGnsDPa_i-oS58DmsCFU18ue2B1am1rNGFwjm4JxzA0F2u7d7tRh58QrhV-2wc2UE_l-Da538qNb8JybwcjM%26adurl%3D
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 07ccae99181f501ca2689cfd226fdb60cd754d7eae870c0c6817ca5a82e1c6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4215
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B414 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 347010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame B414 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 18:12:16 GMT

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 85C5
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

364ms
311ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxS7IfzkZMXmONjngAfQtLnoBKblvaBprZWcp8kP8C4QASCI2bOYAWCV8v2BlAfIAQmpAuSln-wSM7I-qAMByAObBKoEhgJP0BoZfRcrUJ34HE-YwB5v9UyQbozJgZ7-ScgPJ1lBz6-KV09GW9w3vFpXFAv-FY0Uy5M6vV0AZsxkWapQp-b2PEUL2aDKivZU797lPKvBSLAO27r_G7BcUAq3avpdEu1iQnRCss0CIlVZdgLK5lGYAKn8bToWmTFX3zTWxoIMDQOSTyODU8ugvZzuqX_nk-8hDgVhnq7vMGONTZvXX4cc-dnamCheua1zjn9ycgZ6JzGzX9rBMCXDcbCX5rHqTSYZr44h16GURMojr4aai55FsHcT5d1Z9MU0Zil5-B_9SI8De1vteu-NOEM0oda_h4Jb2127Fr_eTel-xDO9hnSDkHD0OeQ4wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhfvywfDwgAMV2DPgCh1QWg5NEAEYASAAEgJE3vD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB%26sig%3DAOD64_1rfhrAztMq_kTAV0hJYw3N07BrBQ%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-Cxw-4IyPda_a1qndvyOFeJ-UuS9K1-wIGNILbJ-N5vZ6GcTrbvD-YnB-df7F-ZBmpjb1tKbWeqVm7CWe-Z6bwGPdXoyuiNrGaGK8h8WxO3moyMtElamPLyCVKGSHyNhhxyac7NBRG-kkwi5oIhHSrK22XU7uHTbrj_QVqpzNnzVUWe9hk%26cry%3D1%26dbm_d%3DAKAmf-AZe4niW7vCA2epc-523_a7qAqI5zj_8cHRDS1Kzx4_0NW9bY578BG0eKCJc3mr8j1A2T1OHJSIvbttTczMq2Jc6QHMxiwYdoqifisU3kl8Wqfr0BFvOkgCeANcUyhySghzj0tYmCJFSEtrZCB2zyo1F7Cb44GAQ1Vey8eIoCPQNTGN8dMkF5_n3SYV_KlkyEPTjuKSDfG9PJo1Tt72KxFgTr2FQWxdnIFYqrGJ6_olhgQWDfv8iPldOfccdid2r5lS1qdeg9CwkgPWqvhdRcKddy0OGal-92fv6IR1b-HlTwPrNBn8bLXYr_1uzLvmtzxtmu30fGMXmcudlO5FsKUY8a-igqkXIht-yIZy5dX7iKJfb4H2aCOqWggq0xyM5zARIG3HrOv4d5EKfqUT1rxbeCZc2EQHbkSLUMdFCnGvpqrne4aJXXaik3JrEPwugdBHSZH7aIPWS_9r4raAYaxl6zWatzsdGnsDPa_i-oS58DmsCFU18ue2B1am1rNGFwjm4JxzA0F2u7d7tRh58QrhV-2wc2UE_l-Da538qNb8JybwcjM%26adurl%3D&documentReferer=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=1224832040223&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 6ea5d5bab83fbb2bd8c5f1d9955054be4e1d4f47ab4eb44963d41072e79d7659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 18:19:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 30438500092764904444554012424021
Connection: close
Content-Length: 1338
Expires: Tue, 22 Aug 2023 19:19:15 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 18:19:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxS7IfzkZMXmONjngAfQtLnoBKblvaBprZWcp8kP8C4QASCI2bOYAWCV8v2BlAfIAQmpAuSln-wSM7I-qAMByAObBKoEhgJP0BoZfRcrUJ34HE-YwB5v9UyQbozJgZ7-ScgPJ1lBz6-KV09GW9w3vFpXFAv-FY0Uy5M6vV0AZsxkWapQp-b2PEUL2aDKivZU797lPKvBSLAO27r_G7BcUAq3avpdEu1iQnRCss0CIlVZdgLK5lGYAKn8bToWmTFX3zTWxoIMDQOSTyODU8ugvZzuqX_nk-8hDgVhnq7vMGONTZvXX4cc-dnamCheua1zjn9ycgZ6JzGzX9rBMCXDcbCX5rHqTSYZr44h16GURMojr4aai55FsHcT5d1Z9MU0Zil5-B_9SI8De1vteu-NOEM0oda_h4Jb2127Fr_eTel-xDO9hnSDkHD0OeQ4wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhfvywfDwgAMV2DPgCh1QWg5NEAEYASAAEgJE3vD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB%26sig%3DAOD64_1rfhrAztMq_kTAV0hJYw3N07BrBQ%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-Cxw-4IyPda_a1qndvyOFeJ-UuS9K1-wIGNILbJ-N5vZ6GcTrbvD-YnB-df7F-ZBmpjb1tKbWeqVm7CWe-Z6bwGPdXoyuiNrGaGK8h8WxO3moyMtElamPLyCVKGSHyNhhxyac7NBRG-kkwi5oIhHSrK22XU7uHTbrj_QVqpzNnzVUWe9hk%26cry%3D1%26dbm_d%3DAKAmf-AZe4niW7vCA2epc-523_a7qAqI5zj_8cHRDS1Kzx4_0NW9bY578BG0eKCJc3mr8j1A2T1OHJSIvbttTczMq2Jc6QHMxiwYdoqifisU3kl8Wqfr0BFvOkgCeANcUyhySghzj0tYmCJFSEtrZCB2zyo1F7Cb44GAQ1Vey8eIoCPQNTGN8dMkF5_n3SYV_KlkyEPTjuKSDfG9PJo1Tt72KxFgTr2FQWxdnIFYqrGJ6_olhgQWDfv8iPldOfccdid2r5lS1qdeg9CwkgPWqvhdRcKddy0OGal-92fv6IR1b-HlTwPrNBn8bLXYr_1uzLvmtzxtmu30fGMXmcudlO5FsKUY8a-igqkXIht-yIZy5dX7iKJfb4H2aCOqWggq0xyM5zARIG3HrOv4d5EKfqUT1rxbeCZc2EQHbkSLUMdFCnGvpqrne4aJXXaik3JrEPwugdBHSZH7aIPWS_9r4raAYaxl6zWatzsdGnsDPa_i-oS58DmsCFU18ue2B1am1rNGFwjm4JxzA0F2u7d7tRh58QrhV-2wc2UE_l-Da538qNb8JybwcjM%26adurl%3D&documentReferer=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=1224832040223&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 22 Aug 2023 19:19:15 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B414 0
20 B 124ms
123ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B72tgI_zkZJaIAY2z9u8P0cCjyAoAAAAAOAHgBAI&bg=!np2lndLNAAZGPLJIZjw7ADQBe5WfOHJwHqj0s0n_BgsOBk46Yzvb1RS8ptrIn6T3oePDDqWdB5DBmERFjfyMlF1HaXHTAgAAAIZSAAAAC2gBB5kDQ9XDM8Wtn_AX0ruz7uasXahS_G4C-eDjK9eSJ4HPRJqbRIEoulzlUKE8NBc1YhjAh-aoQNBxUpZYH3p3_I0w_tV87H3-OxXSNOZ83PpmWVfNWZKw8EJ_QHjCsqJ15z9ulWFS3L2C2GEaR5sMv68sOSM0Bfoxyr341qIlaXldNco3wEwnj8B_2DB_O46GtsYfRcl9ezwhMWn_LFwzZWWqDZT8wpyBTexqchyFF-1D-CxRNk2ugwOp9VK0BFuZwoZAYjlcjHhLcPQKnop_NRx5iTEkkSM0FH36lFc8pz0RKGB1Z8mD4wLmW3dtC5_gyBsPmZO9ejpOOj4-L5bM8gkJqCkkbZfbUujlySWefzNMgfbL9oGlXuDsZqTIitnas8a93Qyv7gZ1wwzxNhS4-_PPJrhPHQ8Z4a0XBGau6zdqqAJZxQsoxeOwX9icHBTV3BpjVk2fKf35vV8yOA6bJqB7p1hI99t24-miW9E6PPYE_IDZSAyKiQQYMdjV7kgYSTvIJsXttU_eoOdTgZtmeNOP4ELZks0A0-appCXpwYsv0EJpyep8CZ5hjxF-EmJwylgjt8WQHZUCZTpjFI8lnre7mazQxSo8JzedBtL4RPobYLKiJhH554vhglmbORLNpdNolzcUKcabMYZDv-D7s5i8WGXgFb9z6HwXpko9haHfqCljMOWlea79h0gPNWoLDHCaQVCO9i5M4GK-UP0ofgFe8WueizFGj--gH4pkbTCaCdB24lhKIolaIHKnEp6rk_eKassL0YrGrJmojpssgCzSOwsM018J7NYgcwAmtCPfmlJHNsSlyxX39YoxYcgP9BjdQasGbQy6qGcHO60Yj2S8DM_JfUzU8L2Y6c1TPDaGE3HRLjf2pFd842xmUrwiAJ_kAQmhVVtLffKULLNXIinzQLIynV664CqkSaJaQxEgdavRtDG_yPYNTz7WEQTeSUBlMnDbdwSc3bUdSlk80mr8-cBN-7fUD4ji0z51aeB6wJoOG4zsDLo4UActZ-cFoud01Rma2Xf7x9Kp1wDIeAKCi6wF81fO2I8wrV5Zwlpx-LcAzZ90_C1I9PTckA3G2emxWaFOJkcpJ2Njia1r2coSPMFoZyg

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 124ms
124ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=3756373027337786&bg=!g4ClgM_NAAZGPLJIZjw7ADQBe5WfOBNdYxyDkdBElzYExA3_evwzHw1hXh2BkXCQdOoS_rXu7sBufxGxtZxw9amGmQvqAgAAAiNSAAAACGgBB5kCtsQeIhj0N1OAqyQ8_5pS0QVttKHdIY5bc2U-vRH3eMnQW7VHkp-3kF8LGz2LGYM5hdKRDYWAnxX53It-rwjG8PWMF8oocgSCin_kahWgxnELCpx4b6YEhse68nP73uX8azaQL9HuKdYI7X1L4qb1K8vi5VZ77nlPSfWfA2NWVhspxdWDCaUj5FyyhN_S2hsxRFQdh1PI0Hzszn0ziHF8SKPnOotz7_jILxWTj7P69d8kPPps_455-hztIRD_NuRubr0yxdFNrhLE8JdWkIEw6A-ykmSw_ceGMqaQ81pducgwDi0fGX4joZCTqyRFGeQZ20MRwL3dRGVUtHFhonZnCqveW9Wq9NkHYGEcdM51SViQ8R0bGbCgHrOtH62dfAID2daswXTfPU1_9C6yjTbvEbh6pmzaP2KVlFRHUc6zFBm8EpAEutGR7Enl6J_lrhJs8yNwk9hueMkr-FetH70w0qI3wZMLeK-Arl3wB16PcRtg3Zg_yio3Ir1_fgVfV4rtvKqs71eIuqBgJE7txKM29h1jv1_Sxu8FPZ8BNqRoTFtzebQRBQiTGJzVgiPu3Z6BecbTQi4BlHKihtKbXkIj7ain--QnpfZ44pi5K2UjXih_J9AMyZUtxT5EL1ZzKkKBbXLWJpNrMdl9RDDw8aHlbjZdaiB1T0pPgDZlTLss8n77O6JSQECsHkPBCjPvjr16mSxQgT24wqa9JqjnfT60x9UII3F5_8TAY24-242UZOEhG6eeVkzJHMhBG5G0Pf7kAbhR0OP3TAVEvrrJn0kl0EeOG0d7IXhL-aRrS1jVBVO9gVkh9XLi1YsH40MyNjlWO5SRGvJs44dfiKyvoTgk9IDFXQqqUeWhg95JRSFxQJCvBkoIg9RzedkxEcYy1KFC07fA5tcaUr2UD7ix-vBDP_-0lbNoXMo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 660E 42 B
64 B 127ms
126ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvodBHXxr6-W1tM8s2z_X83fhGlwmAkHb8Djd9aLnftIEfyUcYGg9p47Abg4YCR-nLi452CLujwKU54orL6ZU0w8gTCRABBDkzXf-9bIG7eHWXO2b5ZXP-zqepYDcgQWFnZkYZ3xapJ3Bpk&sai=AMfl-YQ7eBfJSsN5I03-CHQVrrHi-GZP-GU-41Sma1qIo_fsvp9S4fc270XDCj0WS6xYQ_qE-M0cZRvbyjwDfYlp8qiEgOXP4vgYaCOn0piMh9LxYNNyj-PiZoeDirLWXTeMfF6_sAgMfIxY3cLk8g&sig=Cg0ArKJSzIh1TxpO5l7-EAE&cid=CAQSTABpAlJWFSgPB0AAoxgXgMoLB7rZHRGElCkK5Lp-tqnCkPOfhA0gq7zraBBudxro-8ueJbibCBrFYzt4_0u7MLlsSUcGUR67s1gozNwYAQ&id=ampim&o=0,601&d=160,600&ss=1600,1200&bs=160,600&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=575&tls=1575&g=100&h=100&tt=1575&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9027 42 B
64 B 125ms
125ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6gvsNJzdIzrN-4CsoP6v8CHMx2ywgWeejMCvZcx1WxTIHnCuSpubQNzSxYazvoaC-e5j2WOy3QmsD2GXbJUKvrCXalsGdt0SxoW5YSVhsw9CLx4GN7NnQ-l7zP6zhoq3WLQjfHB5jIRrL&sai=AMfl-YSrbqedd4gYqUYB5qlFtq74bP2MMTcgg6Z8fFxo18e6FGjSPFJeI9iBA-IsFleapkI-hcpOCGFTtzbWEo6YzPuizcvTPd0iqvRuyCN_FcOdzF2mp9H8tk7ZilCKaM0acHcybTjuZV9MC8vAxQ&sig=Cg0ArKJSzLG6iV5-F3UDEAE&cid=CAQSTABpAlJWFSgPB0AAoxgXgMoLB7rZHRGElCkK5Lp-tqnCkPOfhA0gq7zraBBudxro-8ueJbibCBrFYzt4_0u7MLlsSUcGUR67s1gozNwYAQ&id=ampim&o=0,146&d=300,145&ss=1600,1200&bs=300,145&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=648&tls=1649&g=100&h=100&tt=1649&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 3E28
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=30438500092764904444554012424021&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=

0
201 B

103ms
62ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxS7IfzkZMXmONjngAfQtLnoBKblvaBprZWcp8kP8C4QASCI2bOYAWCV8v2BlAfIAQmpAuSln-wSM7I-qAMByAObBKoEhgJP0BoZfRcrUJ34HE-YwB5v9UyQbozJgZ7-ScgPJ1lBz6-KV09GW9w3vFpXFAv-FY0Uy5M6vV0AZsxkWapQp-b2PEUL2aDKivZU797lPKvBSLAO27r_G7BcUAq3avpdEu1iQnRCss0CIlVZdgLK5lGYAKn8bToWmTFX3zTWxoIMDQOSTyODU8ugvZzuqX_nk-8hDgVhnq7vMGONTZvXX4cc-dnamCheua1zjn9ycgZ6JzGzX9rBMCXDcbCX5rHqTSYZr44h16GURMojr4aai55FsHcT5d1Z9MU0Zil5-B_9SI8De1vteu-NOEM0oda_h4Jb2127Fr_eTel-xDO9hnSDkHD0OeQ4wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhfvywfDwgAMV2DPgCh1QWg5NEAEYASAAEgJE3vD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB%26sig%3DAOD64_1rfhrAztMq_kTAV0hJYw3N07BrBQ%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-Cxw-4IyPda_a1qndvyOFeJ-UuS9K1-wIGNILbJ-N5vZ6GcTrbvD-YnB-df7F-ZBmpjb1tKbWeqVm7CWe-Z6bwGPdXoyuiNrGaGK8h8WxO3moyMtElamPLyCVKGSHyNhhxyac7NBRG-kkwi5oIhHSrK22XU7uHTbrj_QVqpzNnzVUWe9hk%26cry%3D1%26dbm_d%3DAKAmf-AZe4niW7vCA2epc-523_a7qAqI5zj_8cHRDS1Kzx4_0NW9bY578BG0eKCJc3mr8j1A2T1OHJSIvbttTczMq2Jc6QHMxiwYdoqifisU3kl8Wqfr0BFvOkgCeANcUyhySghzj0tYmCJFSEtrZCB2zyo1F7Cb44GAQ1Vey8eIoCPQNTGN8dMkF5_n3SYV_KlkyEPTjuKSDfG9PJo1Tt72KxFgTr2FQWxdnIFYqrGJ6_olhgQWDfv8iPldOfccdid2r5lS1qdeg9CwkgPWqvhdRcKddy0OGal-92fv6IR1b-HlTwPrNBn8bLXYr_1uzLvmtzxtmu30fGMXmcudlO5FsKUY8a-igqkXIht-yIZy5dX7iKJfb4H2aCOqWggq0xyM5zARIG3HrOv4d5EKfqUT1rxbeCZc2EQHbkSLUMdFCnGvpqrne4aJXXaik3JrEPwugdBHSZH7aIPWS_9r4raAYaxl6zWatzsdGnsDPa_i-oS58DmsCFU18ue2B1am1rNGFwjm4JxzA0F2u7d7tRh58QrhV-2wc2UE_l-Da538qNb8JybwcjM%26adurl%3D&documentReferer=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=1224832040223&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 18:19:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 22 Aug 2023 08:19:16 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Tue, 22 Aug 2023 18:19:16 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA19:91BC_91EFC182:01BB_64E4FC23_4F41586:22022

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DD57
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=30438500092764904444554012424021&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4fc24e7656cda16a8cdaf&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
202 B

103ms
61ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4fc24e7656cda16a8cdaf&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 18:19:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 22 Aug 2023 08:19:16 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Tue, 22 Aug 2023 18:19:16 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4fc24e7656cda16a8cdaf&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA19:91BA_91EFC182:01BB_64E4FC23_4F3CB09:22024

GET
H2 200 / Show response
adv.office-partner.de/ Frame 8797 930 B
931 B 176ms
33ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=26579d8dd9&subid=&uid=0fbc0ff8a03fe880&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxS7IfzkZMXmONjngAfQtLnoBKblvaBprZWcp8kP8C4QASCI2bOYAWCV8v2BlAfIAQmpAuSln-wSM7I-qAMByAObBKoEhgJP0BoZfRcrUJ34HE-YwB5v9UyQbozJgZ7-ScgPJ1lBz6-KV09GW9w3vFpXFAv-FY0Uy5M6vV0AZsxkWapQp-b2PEUL2aDKivZU797lPKvBSLAO27r_G7BcUAq3avpdEu1iQnRCss0CIlVZdgLK5lGYAKn8bToWmTFX3zTWxoIMDQOSTyODU8ugvZzuqX_nk-8hDgVhnq7vMGONTZvXX4cc-dnamCheua1zjn9ycgZ6JzGzX9rBMCXDcbCX5rHqTSYZr44h16GURMojr4aai55FsHcT5d1Z9MU0Zil5-B_9SI8De1vteu-NOEM0oda_h4Jb2127Fr_eTel-xDO9hnSDkHD0OeQ4wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhfvywfDwgAMV2DPgCh1QWg5NEAEYASAAEgJE3vD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB%26sig%3DAOD64_1rfhrAztMq_kTAV0hJYw3N07BrBQ%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-Cxw-4IyPda_a1qndvyOFeJ-UuS9K1-wIGNILbJ-N5vZ6GcTrbvD-YnB-df7F-ZBmpjb1tKbWeqVm7CWe-Z6bwGPdXoyuiNrGaGK8h8WxO3moyMtElamPLyCVKGSHyNhhxyac7NBRG-kkwi5oIhHSrK22XU7uHTbrj_QVqpzNnzVUWe9hk%26cry%3D1%26dbm_d%3DAKAmf-AZe4niW7vCA2epc-523_a7qAqI5zj_8cHRDS1Kzx4_0NW9bY578BG0eKCJc3mr8j1A2T1OHJSIvbttTczMq2Jc6QHMxiwYdoqifisU3kl8Wqfr0BFvOkgCeANcUyhySghzj0tYmCJFSEtrZCB2zyo1F7Cb44GAQ1Vey8eIoCPQNTGN8dMkF5_n3SYV_KlkyEPTjuKSDfG9PJo1Tt72KxFgTr2FQWxdnIFYqrGJ6_olhgQWDfv8iPldOfccdid2r5lS1qdeg9CwkgPWqvhdRcKddy0OGal-92fv6IR1b-HlTwPrNBn8bLXYr_1uzLvmtzxtmu30fGMXmcudlO5FsKUY8a-igqkXIht-yIZy5dX7iKJfb4H2aCOqWggq0xyM5zARIG3HrOv4d5EKfqUT1rxbeCZc2EQHbkSLUMdFCnGvpqrne4aJXXaik3JrEPwugdBHSZH7aIPWS_9r4raAYaxl6zWatzsdGnsDPa_i-oS58DmsCFU18ue2B1am1rNGFwjm4JxzA0F2u7d7tRh58QrhV-2wc2UE_l-Da538qNb8JybwcjM%26adurl%3D&documentReferer=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=1224832040223&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 22 Aug 2023 18:19:16 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 29 Aug 2023 18:19:16 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 85C5
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=30438500092764904444554012424021&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=

0
629 B

124ms
47ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:16 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 22 Aug 2023 08:19:16 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 22 Aug 2023 18:19:16 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA19:9476_91EFC182:01BB_64E4FC24_4F41590:22022
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=30438500092764904444554012424021&actionid=879111&produktid=ratenkredit&dt_url=
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 85C5 43 B
482 B 688ms
327ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=30438500092764904444554012424021&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:16 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA19:9474_91EFC182:01BB_64E4FC24_4F3CB10:22024
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3205 42 B
64 B 125ms
125ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssB0XNqiNTFdKvtKW6_M0NSvQWMl-_8XdDVcRZM4locqf4a1k0WYjrmTBREXbiyVyummUEN0yd2ZZLXVK1dSfJv4-M8JL2kcP0sLTSR2lC20WqO_R2NuUvitwTc7ADJfDSOid5AuINauxua&sai=AMfl-YSDdk7uaxBVPM4HvWmxG3liTSKjq0Zz8LP2m9jG22FbLWjwv-xU2gPTDyxI8fTHa7jvwtoqk-_W9oU_TPUVpEjQv0CrD62N5lreKjU5c6sTlLbp7QGImJi_1HMnym4UIoe_JGuKVXlXW4fI&sig=Cg0ArKJSzFTntWhmcPV9EAE&cid=CAQSSwBpAlJWqlL1-JIJxQlTYZSfFlttmU66oyO0v12PU10CvCsflH5smfJKAXa5-On86nxVEEgrRQn5oOK5uN2PwmOs9VfiyDB0AKoVwxgB&id=ampim&o=0,601&d=300,600&ss=1600,1200&bs=300,600&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=406&tls=1406&g=100&h=100&tt=1407&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8797 119 KB
45 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f458d294b6c164092b3505807fa0a52693113f40e2a3f07b0a49b249d42ce25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46216
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 18:19:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8797 265 KB
88 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd2d1247f07ea39b38e3f409b1c1391691971f2a3ae1d93efd8436e898cb95ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 18:19:16 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 85C5 2 KB
2 KB 259ms
97ms Script
text/html 3.9.45.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=30438500092764904444554012424021&nw=1
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.45.49 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-45-49.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 9de9b979182a60389a0ea2ace4ecdb38c36e2a26b79f77b67d5ddd9c2a912dec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:19:16 GMT
last-modified: Tue, 22 Aug 2023 18:19:16 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 22 Aug 2023 18:20:16 GMT

GET
H2

200

activityi;dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312 Show response
5994599.fls.doubleclick.net/ Frame 86E5
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312?

391 B
326 B

143ms
133ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312?

Requested by

Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

4ccdc313f48910d52044e21752ea5e6ee1b98f9aed438ba83e329f2025aaa86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:17 GMT
expires: Tue, 22 Aug 2023 18:19:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 18:19:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame C586 7 KB
2 KB 79ms
28ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1b5d17785506b63654d785bd6c3f440a3c112b65a8494bf3d1529621b928f708

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2056
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Aug 2023 18:19:16 GMT
Expires: Tue, 22 Aug 2023 19:19:16 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 85C5 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b76369bd309f6c8ddffde5a898a67edf1853979cb9c5993f78f855d88beb0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame C586 5 KB
778 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 18:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 16:31:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 18:19:16 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C586 17 KB
17 KB 179ms
120ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 83fbf032f92fda6316f41b0528f2d447393ce03ee5ec557a7be676eac79a73ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:16 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16983
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C586 13 KB
13 KB 92ms
32ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: cba0ca23904ec7cfd89adc3172249a38daa207662d240ac2d3f0cb5ec07e5ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:16 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13284
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C586 16 KB
16 KB 119ms
58ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: d33f2ca7d08814d2eb32da45ce7c836e677c531fcaf29b4398790c9f22ce118d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:16 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame C586 0
150 B 96ms
26ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=30438500092764904444554012424021&a=14a1f127&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=30438500092764904444554012424021&a=c0285946
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:19:16 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame C586 14 KB
15 KB 45ms
32ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 328470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame C586 15 KB
15 KB 38ms
25ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 398295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 03:41:01 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 85C5 51 KB
18 KB 126ms
32ms Script
text/javascript 108.157.4.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=30438500092764904444554012424021&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-70.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:40:54 GMT
content-encoding: gzip
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 5903
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Kj6-P8OAJn0fqx2NwwQzgQT_BdBqqc4bqAHd6eaxkXyPgMVkKRQ_Tw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 85C5 85 B
437 B 103ms
23ms Image
image/gif 18.154.63.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1692728656&Signature=YUza75XLU2UxuBT2fbVFalBUylK9tsHYNdYzkX7nCL1-hYbFl2ZGKSuK3gCLv0BywXZ5rQTRrDruMfieZJ9Fl4Lh3XxkvqUC7sHs44287xnGWnSFgcMVQjQXbkCRzsxtu-8ZYiZII23r5t8JYqJ3XxHVCfZS9xIXHz6dZxyaXTmSRk7zAZ0lJ6H6WKcgtuO9RCZjgU8kT7mpLGK~TMbBQX4RGbLeQIJ3rPDk4BU-YmCOpvn9eBeCMwtxe8ONli~x0BKLQPgmJVLHXGrA3uHq3RLOkDQFQilmZ-mqhstDk77Jj8mnidCpwIzWhaJZyOo0UsUVg0Rxq8XHypVBmEjQsQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
URL: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-54.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 22 Aug 2023 08:09:53 GMT
via: 1.1 0f69d7a9607047e970bc7b59f2929828.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 36564
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: nqZSbNls-m-hQpfFedG_085wJgpg72GZPxnkWcucgpS8n2JojXrdww==

GET
H2 200 dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312
adservice.google.com/ddm/fls/z/ Frame 86E5 42 B
401 B 193ms
125ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CML7pMPw8IADFbgGaAgdFOgPhw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5388129221868.312?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 85C5 16 B
209 B 103ms
103ms Fetch
application/json 35.178.127.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.178.127.134 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-178-127-134.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 18:19:18 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 155ms
38ms Preflight 35.178.127.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.127.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-127-134.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 22 Aug 2023 18:19:17 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C5 0
20 B 246ms
245ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1982923038431&version=m202307240101&ct=77&x=1&cor=9864069048451348000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

296 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukr.net/	1970-01-20 14:12:10	Name: __cf_bm Value: 6v0QhV56IESlDVp6i4cJwJA1lBY9hcPwK_ZtOeOeuJU-1692728352-0-AbYrC6RakK0Mrc+0zG5OY6Ax+WaEZDbKz7U2EeDUZeVoClRysq6lfi+eZ/jDjxr+P6ImUxsfmaUkhFlmMR/SsJ8=
.ukr.net/	1970-01-20 22:57:44	Name: news_lang Value: ua
.ukr.net/	1970-01-20 22:57:44	Name: un_news_region Value: 9
.ukr.net/	1970-01-20 22:57:44	Name: snr Value: 9
.ukr.net/	1970-01-20 22:57:44	Name: scr Value: 9
.ukr.net/	1970-01-20 22:57:44	Name: sfr Value: 9
.ukr.net/	1970-01-20 22:57:44	Name: uid Value: Cj1tBGTk/CCw3KdYBRTBAg==
.fwdcdn.com/	1970-01-20 14:12:10	Name: __cf_bm Value: qk8GXYs3h_e9IIaqI5GB7hzySIuDXQ_LMTzDjvI261Y-1692728352-0-AdkoFrODnhIesA2nY7K3Gf7WGRIDxqMH8wS4OKIVaUm5/iiUvC0OTbaR8mCTWzWGfTGw+he+MIUPIppT3MwOkxo=
www.ukr.net/	1970-01-20 20:57:08	Name: cbtYmKname Value: 93edba4118b577ea
.mgid.com/	1970-01-20 14:12:10	Name: __cf_bm Value: 8ap4TjFzelsH7s6haWSZ6_5ruR0Cp4RBHWCAiwyof8E-1692728352-0-AVNdsBXNvy5HkC5FHCm8E0yJQIvsosHw7qYDNpWAV8Qpu51Vls8/J+Yr/X8mU1JjJayp5Ntv8UogZTsoj3EKsUE=
.ukr.net/	1970-01-20 22:57:44	Name: fuelId Value: 4
.ukr.net/	1970-01-20 22:57:44	Name: tracknew Value: 1692728352991443.1692728352.1
m.mixadvert.com/	1970-01-20 14:12:08	Name: c5aa1d31195c360fb81376537b4592d1 Value: 444319
m.mixadvert.com/	1970-01-20 14:13:34	Name: e284b8a6d09748414da25b7f483bd86f Value: 1
.ukr.net/	1970-01-20 23:48:08	Name: _ga_75WQ2FHNW7 Value: GS1.1.1692728352.1.0.1692728352.60.0.0
.ukr.net/	1970-01-20 23:48:08	Name: _ga Value: GA1.1.1379358869.1692728353
loadercdn.net/	1970-01-20 23:48:08	Name: vui Value: 909cec00aaa6425b9faeb0898b0c8600
www.ukr.net/	1970-01-20 14:55:20	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ukr.net/	1970-01-20 22:57:44	Name: _pubcid Value: 111e857e-6694-4a30-8073-05805a8fa572
.go.rcvlink.com/	1970-01-20 23:48:08	Name: cache Value: tp7c6dXYvmrz0x0
.ukr.net/	1970-01-20 22:57:44	Name: pcity Value: 102948339
.criteo.com/	1970-01-20 23:33:44	Name: uid Value: 646ec06e-2d30-4203-a5b3-74a18b56920f
.ukr.net/	1970-01-20 23:33:44	Name: cto_bundle Value: -ZrWDl9MU2xFZjFuaXZhcW9CVVVGYSUyQm1qTnlvQWc1RXk2dnB1NzY5ckppWGJ5V1N2WCUyRjRXMXdSRWFmY3VQaXpnbWg4cGVIVTViVVZjUmVZcUt4b0JnNDAyZmhXUW5DUWNKRzBoNkVIJTJCamxvWTQ5M1NzeUZXVW1iaFI3Wk91Nkgzb0htVVpjWks1R3NFdlI2THA1anVWb1lxUFElM0QlM0Q
a4p.adpartner.pro/	1970-01-20 15:38:32	Name: apuid Value: 639f4b67-da6e-4fd2-a0a2-5cc50c89c65c
.adtelligent.com/	1970-01-20 15:41:25	Name: vmuid Value: 6ee3b7d8e70fe77d
.adtelligent.com/	1970-01-20 15:41:25	Name: a307558 Value: 639f4b67-da6e-4fd2-a0a2-5cc50c89c65c
.trafmag.com/	1970-01-20 23:48:08	Name: vid Value: 9662236322302026
cookies.nextmillmedia.com/	1970-01-20 14:22:13	Name: NMUID Value: csuid_73ef5df9-5bf1-4899-800e-6bcb2ad8237b
.ukr.net/	1970-01-20 23:33:44	Name: __gads Value: ID=2544912018578c48:T=1692728353:RT=1692728353:S=ALNI_MZvFsorEFkBLJDukEcHea7ATEWW8w
.ukr.net/	1970-01-20 23:33:44	Name: __gpi Value: UID=00000c6600ec45f1:T=1692728353:RT=1692728353:S=ALNI_MZwBDluegD-evRRjPaWBv93TeMX6g
.doubleclick.net/	1970-01-20 23:33:44	Name: IDE Value: AHWqTUkzzVfP3pgtlXyrHxq1KUpurwz5fQp6U_z-qVs0yAdj7BPR4hpXGRKe8G4YRIA
.casalemedia.com/	1970-01-20 16:21:44	Name: CMPS Value: 3193
.casalemedia.com/	1970-01-20 16:21:44	Name: CMPRO Value: 3193
.doubleclick.net/	1970-01-20 18:31:20	Name: APC Value: AfxxVi5qK-tXxERw8-DYDxRu3OWhmlsSAyGwkyRddL2bItYxU7iUBg
.casalemedia.com/	1970-01-20 22:57:44	Name: CMID Value: ZOT8I.Sg9T63Wog97zaLRwAA
.adnxs.com/	1970-01-20 16:21:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?idy'p5!]tbPl1M>e)ZlrFUfJ+tGXxpS_-Cq1HMFaS@kouuaB@!.D9m<XOyz`nTJ(YM3If)y3KL9D3I?+?Ejmq[
.adnxs.com/	1970-01-20 16:21:44	Name: uuid2 Value: 1371071978102305495
.redintelligence.net/	1970-01-20 16:21:44	Name: 8lcfmzhxc8d6_uid Value: 3e8b07b459e072a9
.office-partner.de/	1970-01-20 23:48:08	Name: source Value: {"webgains_webgains":{"timestamp":1692728356367,"clickCookie":false}}
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2wbufckpf3yjmuzrjjaamjuz
pb.media01.eu/	1970-01-20 23:48:08	Name: DTU Value: DDD95B413295B48434EA0F266A4BBDB0
.doubleclick.net/	1970-01-20 14:12:11	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.ukr.net/api/v1/token/verification/acquire Message: Failed to load resource: the server responded with a status of 599 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

413987166fb6d731037fb1b8ea5f8ad1.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a4p.adpartner.pro
accounts.ukr.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cookies.nextmillmedia.com
counter.ukr.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900021.redintelligence.net
ib.adnxs.com
loadercdn.net
m.mixadvert.com
mail.ukr.net
mug.criteo.com
pagead2.googlesyndication.com
pb.media01.eu
pinformer.sinoptik.ua
player.adtcdn.com
player.adtelligent.com
pv.medialead.de
region1.analytics.google.com
s.znctrack.net
securepubads.g.doubleclick.net
servicer.mgid.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
track.webgains.com
trafmag.com
ukr.net
upst.fwdcdn.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ukr.net
zakladki.ukr.net
104.18.8.128
104.18.9.128
108.157.4.70
136.243.149.243
136.243.84.75
142.250.184.198
142.250.185.226
144.76.238.55
145.239.193.130
147.135.189.55
178.250.1.11
18.154.63.54
185.187.81.40
185.187.81.41
185.239.172.77
185.80.39.216
185.89.210.122
193.200.65.2
193.200.65.5
2001:4860:4802:34::36
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
216.52.2.30
216.58.206.38
2606:4700:1::6813:814c
2606:4700::6810:3965
2606:4700::6812:509
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:400c:c04::9b
2a02:2638:3::3
2a02:2638:d::d
2a06:98c1:3121::3
2a0b:4d07:102::1
3.9.45.49
35.178.127.134
44.205.87.2
45.133.44.3
54.38.197.123
62.149.23.112
88.198.250.30
010593a55b66332784926e2b1f0dd5980b9a69c7be6230a3324fa3ea6579266c
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
035d30edea98b203c1932662ecbe98a50d3d0a02c1b2cfd7e92c201de2f025de
0774d5ad85de44d8dc2783dcd533ef51356d7b200edb762b7d3dc6f3cbc41ef5
07ccae99181f501ca2689cfd226fdb60cd754d7eae870c0c6817ca5a82e1c6de
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f51095a34ab6bb9330c40eec1d39aac192f68b67dce85491dc3e6fcd36f0436
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701
114304de54f86287e7b392e41d8ef1c214a616846a764c22b669ba0c5f47acc6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513
13564734aa913667230958b87e0acc9322fc776cfa462cecee324a0d751c9504
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1b5d17785506b63654d785bd6c3f440a3c112b65a8494bf3d1529621b928f708
1bc7855542275b7d67fdd531837f2108daa5985e90b97ff67d49da619502bb88
1eaf087d451d017c328b92db63aa33f7f47a4b8255217b8bcc06258863a79616
1f458d294b6c164092b3505807fa0a52693113f40e2a3f07b0a49b249d42ce25
1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463
1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28d3081a71978cd1d51ffe679261b6f1300f3387929dd100f55cd52478b8cf92
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2ba54903c6c14debbc4b3282079ee637898b99d664bf7eb1b3ffc5fc916ea187
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37b76369bd309f6c8ddffde5a898a67edf1853979cb9c5993f78f855d88beb0f
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
489e1fc6b7736032fd652cde5622c189db1fb2e552dde56159c597a8cc1b72b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ccdc313f48910d52044e21752ea5e6ee1b98f9aed438ba83e329f2025aaa86a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
5e487c4b01663fa4b58bd6fef552014c05e883884fef4d463d926b1b7f57b0fb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6b55be9e1814a6aaacd9b87ab713943b7343ea6e306d03c49bb21eef197fbb8b
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37
6ea5d5bab83fbb2bd8c5f1d9955054be4e1d4f47ab4eb44963d41072e79d7659
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090
7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221
7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
75f2fd61f02653e7bfa915704f7f0f82a478cfef7ce196c0c797703f8a945a46
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b4c23e55e92ff79c2cc5bf6ad9a3b584069c76465bdd85afdc5ac04ddac1d08
7bfefe36da5d18dcd93d65bd24cc4e5fc186980ab5bce87c3e5c87cb34c07e8f
7cf503e53e61fdfe8c30da45ed651c165943592a8a99b3e1626bdda668f93575
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff
7f334ea319a56bec9b2a2d5942670b93a0b90a3fa74ab851c15d7f0c7fffe9e5
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
83fbf032f92fda6316f41b0528f2d447393ce03ee5ec557a7be676eac79a73ad
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
8547e6427db74d12ff9d5468d6dcd6888d49133263625d33f48a98925f1adb96
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20
8aa1861c32f6362bbe4d9b414de164615f896b9717ca49d0c398838c38ab8264
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8f23a06e1360b0a1238169bc7e9c1498ac78efb2b3533870afec7190201c03b3
9009a64c8c619cf51d6952908861b7539822617098ebbe556adb09824d46ba53
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24
9a8a97fb0ba856593d81035f6a594c4dc1a11dc64cdc1b8e3f51b9d84e68b628
9ae166ffe2e543fb49ebe49baf86af4fd7f7a784948c161aeee194f676dbf6a4
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9de9b979182a60389a0ea2ace4ecdb38c36e2a26b79f77b67d5ddd9c2a912dec
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a22038c6159222e51fb4076c4d215578bcaf35b90668fcc880c5258a980d13d1
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad748494a20251ce4c2d1b7240959e8867ada475879d0a49bec3ca73e22b5f46
adc4165dea7f3a535d9fab477a0b1d80e45e416f2908d5399b28990c18c8481d
b0253d57bc1748b9f7cc25b42eb30c1f20565f84fd514b65b4cc93ce61fffe8e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b9f215c465b443fca19ef1a189ab91c09e6bc58f98da14307412f4be641245cc
ba33361129d0ccca0d52ffae2b70695c9968dfa430ea4be13a2fbe772510d212
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
bce5122a5ef7672c1473e34774b849e0cf704e6c8027acabbf39c9643138c2d6
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cba0ca23904ec7cfd89adc3172249a38daa207662d240ac2d3f0cb5ec07e5ed5
d019b68f4994adfdd0ab8b84f84494174be34adba1dd0b6cf407ac4173749662
d327407c591996f802b9ee276e7210ba775021b47cd6bdcd1882afa57c7e2207
d33c12edd162a0156a8e7ad0705ec33ad6d96779629a0fc75dbd1beb0daeaa88
d33f2ca7d08814d2eb32da45ce7c836e677c531fcaf29b4398790c9f22ce118d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
eaa7ae196a71041a9304a09513f49055d14dc5ec0c443ac6afb56ee59f9794b0
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f97887d2a8df37c23cfab962acf865d2eda181a49d6ac742cc7de95197e223d5
fd2d1247f07ea39b38e3f409b1c1391691971f2a3ae1d93efd8436e898cb95ba
fe020ad33fee708670d658bbe07bb91dac7cd0875e14171309e9afd0de8d96eb
ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

www.ukr.net Open in urlscan Pro 104.18.8.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

196 Requests

94 %HTTPS

41 %IPv6

35 Domains

55 Subdomains

53 IPs

10 Countries

2408 kBTransfer

6817 kBSize

42 Cookies

286 Outgoing links

Page URL History

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

94 %
HTTPS

41 %
IPv6

35
Domains

55
Subdomains

53
IPs

10
Countries

2408 kB
Transfer

6817 kB
Size

42
Cookies

196 HTTP transactions
8 data transactions