1504.kr.ua Open in urlscan Pro
31.41.216.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1504.kr.ua/
Effective URL:
https://1504.kr.ua/
Submission: On June 08 via api (June 8th 2022, 7:19:29 am UTC) from GB — Scanned from GB

Summary HTTP 198 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 51 domains to perform 198 HTTP transactions. The main IP is 31.41.216.91, located in Ukraine and belongs to BESTHOSTING-AS, UA. The main domain is 1504.kr.ua.
TLS certificate: Issued by R3 on May 29th 2022. Valid for: 3 months.

This is the only time 1504.kr.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	31.41.216.91 31.41.216.91	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	95.181.171.233 95.181.171.233	50214 (QWARTA) (QWARTA)
3 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 19	185.12.125.26 185.12.125.26	50214 (QWARTA) (QWARTA)
1	89.38.97.71 89.38.97.71	49981 (WORLDSTREAM) (WORLDSTREAM)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
22	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 1	157.90.6.171 157.90.6.171	24940 (HETZNER-AS) (HETZNER-AS)
2 2	194.190.76.38 194.190.76.38	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	81.222.128.13 81.222.128.13	20597 (ELTEL-AS) (ELTEL-AS)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3033::ac43:d997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2 6	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	138.201.65.66 138.201.65.66	24940 (HETZNER-AS) (HETZNER-AS)
2 2	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	78.46.16.13 78.46.16.13	24940 (HETZNER-AS) (HETZNER-AS)
2 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 1	178.170.196.9 178.170.196.9	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	176.122.21.139 176.122.21.139	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
5 5	217.66.147.170 217.66.147.170	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 4	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	168.119.8.212 168.119.8.212	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 3	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2 2	142.132.209.136 142.132.209.136	24940 (HETZNER-AS) (HETZNER-AS)
2 3	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	23.111.107.44 23.111.107.44	7979 (SERVERS-COM) (SERVERS-COM)
7	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4006:810::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:212... 2600:9000:2127:4600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
198	44

17 31.41.216.91 (Ukraine) 1 redirects

ASN42655 (BESTHOSTING-AS, UA)
PTR: s75.r53.com.ua

1504.kr.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.171.233 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv233.qwarta.ru

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.12.125.26 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.38.97.71 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: henry.dgrad-host.com

coml.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.6.171 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1359720.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.38 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.matchtv.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.13 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad3.adriver.ru

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d997 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.190.117.94 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.134 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.66 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.16.238 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.16.13 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow

9183367c-f113-426a-b60f-673aa5fabfb1.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.9 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.139 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

8ab803c17b4da0625f00f9290204bebe-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.170 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.8.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.8.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.132.209.136 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.136.209.132.142.clients.your-server.de

dmp.gotechnology.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN7979 (SERVERS-COM, US)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4006:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	1 MB
23	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 191	211 KB
20	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	349 KB
19	criteo.net static.criteo.net — Cisco Umbrella Rank: 578 pix.eu.criteo.net — Cisco Umbrella Rank: 7369 csm.eu.criteo.net — Cisco Umbrella Rank: 7618	43 KB
19	acint.net 2 redirects www.acint.net — Cisco Umbrella Rank: 39140 acint.net — Cisco Umbrella Rank: 29185	16 KB
17	1504.kr.ua 1 redirects 1504.kr.ua	255 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 277 fonts.googleapis.com — Cisco Umbrella Rank: 42	39 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	298 KB
7	mts.ru 7 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 29952 tech.rtb.mts.ru — Cisco Umbrella Rank: 29731	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 121427 dmg.digitaltarget.ru — Cisco Umbrella Rank: 24401	22 KB
6	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
4	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 2378	848 B
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 21606 ssp.adriver.ru — Cisco Umbrella Rank: 12161	2 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13804 ads.eu.criteo.com — Cisco Umbrella Rank: 7606 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9641	53 KB
3	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 3101	2 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 15058	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 31460 9183367c-f113-426a-b60f-673aa5fabfb1.sync.upravel.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1817	2 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 11898	1 KB
2	gotechnology.io 2 redirects dmp.gotechnology.io — Cisco Umbrella Rank: 58171	592 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10231	511 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 58830	683 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12087	819 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11830	829 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8526	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	85 KB
2	sape.ru 1 redirects cdn-rtb.sape.ru — Cisco Umbrella Rank: 79593 ssp-rtb.sape.ru — Cisco Umbrella Rank: 38525	898 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303	689 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 124564	753 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 83955	240 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 68931	189 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 32933	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 34549	455 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3561	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20604	176 B
1	beeline.ru 1 redirects 8ab803c17b4da0625f00f9290204bebe-sp.ops.beeline.ru	634 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 56557	164 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 185760	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 67513	304 B
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 137573	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 208692	109 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15831	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 24087	239 B
1	republer.com sync.republer.com — Cisco Umbrella Rank: 66172	68 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 53558	862 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11113	764 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	297 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	644 B
1	coml.be coml.be	1 KB
0	gvt1.com Failed r1---sn-4g5lzner.gvt1.com Failed
0	advarkads.com Failed s3.advarkads.com Failed
198	51

	Domain	Requested by
40	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com 1504.kr.ua
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
17	1504.kr.ua	1 redirects 1504.kr.ua
15	www.acint.net	2 redirects 1504.kr.ua www.acint.net
11	www.gstatic.com	www.google.com googleads.g.doubleclick.net
10	pix.eu.criteo.net	ads.eu.criteo.com
10	pagead2.googlesyndication.com	1504.kr.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
7	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	csi.gstatic.com	www.gstatic.com
5	sm.rtb.mts.ru	5 redirects
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	fonts.gstatic.com	fonts.googleapis.com
4	an.yandex.ru	1 redirects www.acint.net
4	acint.net	www.acint.net
4	www.google.com	3 redirects 1504.kr.ua
3	sync.bumlam.com	2 redirects www.acint.net
3	x01.aidata.io	2 redirects www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	sync3.adsniper.ru	2 redirects
2	dmp.gotechnology.io	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	cm.g.doubleclick.net	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	1504.kr.ua connect.facebook.net
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	cs.agency2.ru	1 redirects
1	pixel.konnektu.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	8ab803c17b4da0625f00f9290204bebe-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	9183367c-f113-426a-b60f-673aa5fabfb1.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	sync.republer.com	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	www.facebook.com	1504.kr.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	coml.be	1504.kr.ua
1	ajax.googleapis.com	1504.kr.ua
1	cdn-rtb.sape.ru	1504.kr.ua
0	r1---sn-4g5lzner.gvt1.com Failed	googleads.g.doubleclick.net
0	s3.advarkads.com Failed	www.acint.net
198	67

This site contains links to these domains. Also see Links.

Domain
nap-ua.org
cleo.pro

Subject Issuer	Validity	Valid
1504.kr.ua R3	`2022-05-29` - `2022-08-27`	3 months	crt.sh
*.sape.ru R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.acint.net R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
coml.be R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-17` - `2022-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
sync.republer.com R3	`2022-06-03` - `2022-09-01`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
new-programmatic.com R3	`2022-04-20` - `2022-07-19`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://1504.kr.ua/
Frame ID: 048C8FE2CE0B7C198CD603806A51CD93
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20190131/zrt_lookup.html
Frame ID: 04893C2575D72136B333ED7744568039
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 02195E6D67606889053E5908EB9A333F
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&adk=1812271804&adf=3025194257&lmt=1654672763&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1504.kr.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763482&bpp=1&bdt=500&idt=175&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4445414407493&frm=20&pv=2&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: CD190FD428FB70BD7211E11B0923ABD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=200&slotname=5304887618&adk=2627602528&adf=3056025636&pi=t.ma~as.5304887618&w=200&lmt=1654672763&psa=0&format=200x200&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763483&bpp=1&bdt=502&idt=214&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tIaO1sartR&p=https%3A//1504.kr.ua&dtd=219
Frame ID: 83688DE55935D17B850F31566422CFC7
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225
Frame ID: B957589B1D700D1A79FAAC029DC5482C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=2210820725&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=227&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=uPVh1UIITE&p=https%3A//1504.kr.ua&dtd=229
Frame ID: F2B08B1DBF2C325BCBBB76F242C73956
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=7304843612&adk=650596750&adf=2229882226&pi=t.ma~as.7304843612&w=160&lmt=1654672763&psa=0&format=160x600&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=231&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ilvufUP5cn&p=https%3A//1504.kr.ua&dtd=240
Frame ID: 7FF89E2BEA767954AF83BD0D3BAFB01B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=90&slotname=1537511616&adk=34966524&adf=1918659048&pi=t.ma~as.1537511616&w=728&lmt=1654672763&psa=0&format=728x90&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763487&bpp=1&bdt=505&idt=242&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600%2C160x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=9LCri8VPwQ&p=https%3A//1504.kr.ua&dtd=245
Frame ID: 7694569ED2D4895A8A22A7415D6F63EC
Requests: 6 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=8AB803C17B4DA0625F00F9290204BEBE
Frame ID: A9F050F61E03A8A31C7008D0FF24D38E
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqBNewANpOMKwUZBAAmEvvAqLM5G3lH7hlvwJw&u=%7C5mV%2FSpfH%2B2aIcwcIjShbU%2FsyiUOIOGWtCXvvwfFA9%2FU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxWcvi2P_4ixKQk-LkV9VvJp3JpPgQGrkE6-5ff5DYvRzUsi1clesyVLlEA2CsBqsgR4wJj9sZf71NvQGCBpMGTWolRu8Vua1sInAwndMwbRFAe5kAz6j4t98wtV86q97NZo7UbCfYYLKQsN167Fj1B5atVCbncKDBmE35cEBoBdZARKyhYTeWp04YVQGdsmGE3AI286ZUf1OVtugZHkv7mXnfZD77mfCYe5M12rY0m5c4J5JKs-Zm1zfpL422uX4QZov-0cDUHrGh9fw4L0sKzf_A9-t8HoZMsq7M-ENygf7rlYytuKqgFKsBImkT7Hxp5EWezgysxuO93O8auOZrqWElzmVZiDUprAVGFQf5XeEgMqss4WhCNEmxKFZloen89g9kshXjbRGIekbFgsbvGqsK0aBLp8-hw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgQZCe02gYuPJNsGMhQa-iaaYB8me0rFcxYyL4JoBwI23ARABIABglQKCARdjYS1wdWItODE5MjEyMjE1OTI4ODgxMqAB1bbS6gPIAQmpAgTINDzU77E-qAMBqgS1AU_QParFebugj3y2bsm95XE7KRLMQXaB63H12rF5v7BlDyyH2nM1eFPkL68ZzLHlAXDPUWEOm9eGlVpiCHP_4KtYSZoiCyzdBo9MRsnU8HTDlbgdF9EfL7K_0-G_as3qjbEBpMU6Cm30hoCdUm4TRZLhJG_O3viztE02ZmPAoLGLHN5CUrDjKwLa3YfTsgb6hZSFGncHmOG9oTB-CJii2Z8E-NPn3N9amKyTzTFyN5Xo8_yMJqGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0vFsO66QIgiQFa53EUKLpz1tQ_ZA%26client%3Dca-pub-8192122159288812%26adurl%3D
Frame ID: E2387BE6F06CECE736E27D5DB22EF277
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html
Frame ID: 499795490FD1ACE8E9E8B670BBEB68F2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 449FC2E4203948737A112BD90A40CD99
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html
Frame ID: 00D4E2EDFC11670B2C462083F31EBE78
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C545550506CA53D4A40F454848201768
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1
Frame ID: 093BD8B41BB8FA8220AA19E430F43B58
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1
Frame ID: F0C8AB490A048835830ECDCBAAC82F41
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 445521B622B20BD0F2B36729292E30F8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 735749A45434D03A333E2BCFA57EAA24
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Frame ID: 398D3B9CB6711807DB5CAE43D8C5FBAE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Frame ID: E828D7C6D6B93ED8C800CB12869805F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Frame ID: 59D3BF63D74BE3273F05875FB2678268
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Frame ID: A001C888678BC006F2ECBB5D8B62E8BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Каталог предприятий и организаций г. Кропивницкий.

Page URL History Show full URLs

http://1504.kr.ua/ HTTP 301
https://1504.kr.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

198
Requests

86 %
HTTPS

35 %
IPv6

51
Domains

67
Subdomains

44
IPs

9
Countries

2443 kB
Transfer

5340 kB
Size

75
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://nap-ua.org/
Title: nap-ua.org

Search URL Search Domain Scan URL

URL: http://cleo.pro/
Title: одежду оптом

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1504.kr.ua/ HTTP 301
https://1504.kr.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 40

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=8AB803C17B4DA0625F00F9290204BEBE&crf=1

Request Chain 41

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F7B4DA0621600FB300211BA5A

Request Chain 42

https://px.adhigh.net/p/cm/sape?u=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://px.adhigh.net/p/cm/sape?u=8AB803C17B4DA0625F00F9290204BEBE&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=usQpLnQSG8Tc.AikABlGBQi6s0g

Request Chain 44

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5853969322 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AahO7b0SamUt7iWo_b-AsSw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=8AB803C17B4DA0625F00F9290204BEBE

Request Chain 50

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://9183367c-f113-426a-b60f-673aa5fabfb1.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=9183367c-f113-426a-b60f-673aa5fabfb1

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=irgDwXtNoGJfAPkpAgS-vg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=irgDwXtNoGJfAPkpAgS-vg&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 52

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=8AB803C17B4DA0625F00F9290204BEBE

Request Chain 54

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=PZZOZPGT

Request Chain 55

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=8AB803C17B4DA0625F00F9290204BEBE&cs=1

Request Chain 56

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=Pny_M1FGJxDA

Request Chain 57

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=f853dd5f-8405-529f-abb3-8971c913c40a

Request Chain 58

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=8d04c16fa0854bc3af29a58b7428902f

Request Chain 59

https://8ab803c17b4da0625f00f9290204bebe-sp.ops.beeline.ru/p?ssp=sp&id=8AB803C17B4DA0625F00F9290204BEBE HTTP 301
https://www.acint.net/match?dp=111&euid=3811a0e4-fde0-464a-ad5e-7516a98fc80b

Request Chain 60

https://ut.rktch.com/matchspm?pi=1000005&pui=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2965349469 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=Ku2KE93jCkqESaO91ejDd.&noredirect

Request Chain 61

https://sm.rtb.mts.ru/p?ssp=sape&id=8AB803C17B4DA0625F00F9290204BEBE HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=8AB803C17B4DA0625F00F9290204BEBE HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F-g0XX0B6QG6_WqkB5Lvo9A%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D4224921108 HTTP 302
https://an.yandex.ru/setud/mts_banner/-g0XX0B6QG6_WqkB5Lvo9A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=4224921108

Request Chain 62

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=408eec11-9a5b-4936-42ba-83a6be52c621

Request Chain 63

https://s.uuidksinc.net/match/396/?remote_uid=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://www.acint.net/match?dp=127&euid=HW1ZB3M0c7bdFHOQB7zu

Request Chain 64

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=i159yfk7xo

Request Chain 67

https://x01.aidata.io/0.gif?pid=9401454&id=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=8AB803C17B4DA0625F00F9290204BEBE&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=lwW6ksZF8pCUvl%2ByV%2BJRkQ HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=lwW6ksZF8pCUvl%2ByV%2BJRkQ HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253DlwW6ksZF8pCUvl%25252ByV%25252BJRkQ%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DlwW6ksZF8pCUvl%252ByV%252BJRkQ%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=lwW6ksZF8pCUvl%2ByV%2BJRkQ&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&exu=lwW6ksZF8pCUvl%!B(string=%20%20)yV%!B(MISSING)JRkQ

Request Chain 68

https://dmp.gotechnology.io/match/sape?id=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://dmp.gotechnology.io/match/sape?id=8AB803C17B4DA0625F00F9290204BEBE&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetdspis/N2ExNTViYTUyOGUwZGQxMQ

Request Chain 69

https://sync.bumlam.com/?src=sap1&uid=8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj-moGVBlIFrbKc-w9iIDhBQjgwM0MxN0I0REEwNjI1RjAwRjkyOTAyMDRCRUJF HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj-moGVBlIFrbKc-w9iIDhBQjgwM0MxN0I0REEwNjI1RjAwRjkyOTAyMDRCRUJFogEQVA8feub7EeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQABj-moGVBmIgOEFCODAzQzE3QjREQTA2MjVGMDBGOTI5MDIwNEJFQkWiARBUDx965vsR7IbgACWQwGR8 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARj-moGVBmIgOEFCODAzQzE3QjREQTA2MjVGMDBGOTI5MDIwNEJFQkWiARBUDx965vsR7IbgACWQwGR8

Request Chain 70

https://an.yandex.ru/mapuid/sapeis/8AB803C17B4DA0625F00F9290204BEBE HTTP 302
https://an.yandex.ru/mapuid/sapeis/8AB803C17B4DA0625F00F9290204BEBE?redir-setuniq=1

Request Chain 71

https://cs.agency2.ru/p?ssp=sp&uid=8AB803C17B4DA0625F00F9290204BEBE HTTP 301
https://www.acint.net/match?dp=186&euid=cca95b35-f626-48d5-a162-fedf319c55f1

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://redirector.gvt1.com/videoplayback?id=0120ed60d8846780&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1654679964&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=94215609F76A76F8BC3AA8C3AB2769AC3E31043A.A13A956CCA85F3B12C9C3A6FF8A9E5A2D3E08AB5&key=ck2 HTTP 302
https://r1---sn-4g5lzner.gvt1.com/videoplayback?id=0120ed60d8846780&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654679964&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=70DF7C8CFBF83EE605CEB5A837181BA286AA8165.5897695679CB4FE80BDD3EA48379F567469633BB&key=cms1&cms_redirect=yes&mh=K8&mip=2a01:4a0:2c::3&mm=28&mn=sn-4g5lzner&ms=nvh&mt=1654671984&mv=u&mvi=1&pl=46

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 197

https://dmg.digitaltarget.ru/1/1093/i/i?i=489617412668468.819041981191549&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.819041981191549&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 198

https://dmg.digitaltarget.ru/1/1093/i/i?i=489617412668468.680095233019047&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.680095233019047&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_noorient

198 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1504.kr.ua/
Redirect Chain

http://1504.kr.ua/
https://1504.kr.ua/

21 KB
6 KB

315ms
126ms

Document
text/html

31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx / PHP/5.3.29
Resource Hash: 0820da4d9cdaa52b00758354b4429c42902356fc7f28b0759595927cb3f68fdd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-length: 5892
content-type: text/html
date: Wed, 08 Jun 2022 07:19:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/5.3.29

Redirect headers

Connection: keep-alive
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 08 Jun 2022 07:19:22 GMT
Location: https://1504.kr.ua/
Server: nginx

GET
H2 200 company.css
1504.kr.ua/css/ 6 KB
2 KB 88ms
87ms Stylesheet
text/css 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/css/company.css
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 824fc3a008150f4288e84ffd6b71ba24c873dca39b3e18763af5480382a0b05a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2015 14:58:13 GMT
server: nginx
etag: W/"55803985-1809"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 style.css
1504.kr.ua/css/ 13 KB
4 KB 89ms
88ms Stylesheet
text/css 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/css/style.css?%F0=5
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: d2ee566a19b2516482a9b94a99e6b3fec4389b30f7b356a44e0c21aae6f52583

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 18:33:18 GMT
server: nginx
etag: W/"5c5dcb6e-34c8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 default.css
1504.kr.ua/css/ 2 KB
1 KB 90ms
88ms Stylesheet
text/css 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/css/default.css
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: a83e8d32917c78553a8211a498a7b1aa32e115632abe78bb292ec11d06b58380

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2015 14:58:13 GMT
server: nginx
etag: W/"55803985-8b8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 slider.css
1504.kr.ua/css/ 540 B
500 B 90ms
90ms Stylesheet
text/css 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/css/slider.css
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: c0d424e5835307005505af235beef35922706fe9609cf1268e037c0ffdc6f81f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Sun, 27 Sep 2015 11:18:14 GMT
server: nginx
etag: W/"5607d076-21c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 6122.js Show response
cdn-rtb.sape.ru/rtb-b/js/122/2/ 0
332 B 357ms
114ms Script
application/javascript 95.181.171.233
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/rtb-b/js/122/2/6122.js

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv233.qwarta.ru

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
last-modified: Mon, 21 Mar 2022 21:03:23 GMT
server: openresty
x-amz-request-id: 16F68A0B0CF8EF3F
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache-status: REVALIDATED
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
date: Wed, 08 Jun 2022 07:19:23 GMT
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 08 Jun 2022 08:19:23 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 179ms
63ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 08 Jun 2022 07:19:23 GMT

GET
H2 200 main_logo.png
1504.kr.ua/images/logo/ 14 KB
15 KB 89ms
87ms Image
image/png 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/images/logo/main_logo.png
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: abba1c5898d239f34aabfcac1c615582707e49759f2d78f9d69cae821b6b50df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Sun, 17 May 2015 10:23:50 GMT
server: nginx
etag: "55586c36-39b2"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 14770
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 banner_1557292767.jpeg
1504.kr.ua/images/pic/ 47 KB
47 KB 175ms
174ms Image
image/jpeg 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/images/pic/banner_1557292767.jpeg
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 5bb8fdfca6102ba4fe0df3152b02f35d9b66aaef0acb3aa31915ba94ac9603fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Wed, 08 May 2019 05:19:27 GMT
server: nginx
etag: "5cd266df-bab4"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 47796
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 banner_1593179416.gif
1504.kr.ua/images/pic/ 33 KB
33 KB 260ms
259ms Image
image/gif 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/images/pic/banner_1593179416.gif
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 47bd6936d7dcfa77bf059cce7799ce76da05e2a84f7f0bc226c8b2fddcc8e87d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Fri, 26 Jun 2020 13:50:16 GMT
server: nginx
etag: "5ef5fd18-83c9"
content-type: image/gif
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 33737
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
56 KB 206ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91cb98a7e7a13fc8a31c0a6bfb3b05d4b7bf43aa02d711479e2d3ebb0fd3e460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56293
x-xss-protection: 0
server: cafe
etag: 9313813057849362826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 07:19:23 GMT

GET
H2 200 banner_1490781583.gif
1504.kr.ua/images/pic/ 39 KB
39 KB 260ms
259ms Image
image/gif 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/images/pic/banner_1490781583.gif
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 114bf4c1b45c9425c74314f034e1e1f1ccda74f13a3febfeeb1a5e60fb7d0604

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Wed, 29 Mar 2017 09:59:43 GMT
server: nginx
etag: "58db858f-9acf"
content-type: image/gif
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 39631
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 banner_1507801962.gif
1504.kr.ua/images/pic/ 48 KB
49 KB 260ms
259ms Image
image/gif 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/images/pic/banner_1507801962.gif
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 1e66fafc9cf5522875e9ea41884cbe27b56c4a5eb84d90ab0f131e50a64f66b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Thu, 12 Oct 2017 09:52:42 GMT
server: nginx
etag: "59df3b6a-c181"
content-type: image/gif
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 49537
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 banner_1549606232.jpeg
1504.kr.ua/images/pic/ 54 KB
54 KB 260ms
259ms Image
image/jpeg 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/images/pic/banner_1549606232.jpeg
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 514c5f71c8fcf3d04e8a8aef4305aa3381734b6c94ca950888a3bf4e5b59ec9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Fri, 08 Feb 2019 06:10:32 GMT
server: nginx
etag: "5c5d1d58-d694"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 54932
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 11:43:37 GMT

GET
H2 200 easySlider1.7.js Show response
1504.kr.ua/js/ 6 KB
2 KB 88ms
88ms Script
application/javascript 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/js/easySlider1.7.js
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: fd46e9bd1e8a058e67d9424231ed756728c0f4a5650dcbe25eb16e89bc8adb65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Fri, 17 Oct 2014 10:03:45 GMT
server: nginx
etag: W/"5440e981-174b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 fb.js Show response
1504.kr.ua/js/ 673 B
574 B 88ms
87ms Script
application/javascript 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/js/fb.js
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: a5f4a21662148622476fae9787851bd90bf702d7944577d7b22fb05e4b5f6dd3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Sat, 19 Aug 2017 10:07:48 GMT
server: nginx
etag: W/"59980df4-2a1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 scripts.js Show response
1504.kr.ua/js/ 3 KB
1 KB 88ms
87ms Script
application/javascript 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1504.kr.ua/js/scripts.js
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 5f6f9ddea33f1891af549b1c9593c1ca8ce9cc279d2d3ba3ba7cbbb8b7e13c0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 15:45:37 GMT
server: nginx
etag: W/"5f510fa1-b01"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 0
0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 362 KB
143 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Origin: https://1504.kr.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 23:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146184
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 23:26:14 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 312ms
110ms Script
application/x-javascript 185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 06:38:54 GMT
server: openresty
etag: "627dfcfe-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Wed, 08 Jun 2022 19:19:23 GMT

GET
H2 200 search.png
1504.kr.ua/icon/ 668 B
841 B 256ms
255ms Image
image/png 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/icon/search.png
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/css/style.css?%F0=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 9148f204dcfa21391c76386282277d8687657eddec46eb17261e188a0ec55016

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/css/style.css?%F0=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Thu, 21 Aug 2014 04:17:08 GMT
server: nginx
etag: "53f572c4-29c"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 668
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK sia Show response
coml.be/ 2 KB
1 KB 356ms
189ms Script
text/html 89.38.97.71
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://coml.be/sia
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.38.97.71 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: henry.dgrad-host.com
Software: nginx /
Resource Hash: cc465b60cc1f17bd9d75c2b8b0f8424d87b89abb8804229f5b5373c33d8f04e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 07:19:23 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 21 Jul 1977 07:30:00 GMT

GET
H2 200 gr.png
1504.kr.ua/icon/ 251 B
424 B 242ms
241ms Image
image/png 31.41.216.91
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1504.kr.ua/icon/gr.png
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/css/style.css?%F0=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.91 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s75.r53.com.ua
Software: nginx /
Resource Hash: 4a87cc0b95e738db19188a3ccdb1ffa1d502f4b8efa8b6c9e0f7addb60381434

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/css/style.css?%F0=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Thu, 21 Aug 2014 04:17:08 GMT
server: nginx
etag: "53f572c4-fb"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 251
expires: Wed, 22 Jun 2022 07:19:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 171ms
54ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/js/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb39891f31b20f7e1e891fe757be8797a01b4ee34dcc2b8ea814dd60a08b0ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mDvAo410MqTJ9NHIFdylPw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Jun 2022 07:35:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: R5cctMDrbnqF29gdQy4PewItfK6Xaww38x2JsXXZBC9Pg8gL8G3z0e6B3S6QL12ly/p4rVvEle3+Yw8Vw+Pp/w==
x-fb-trip-id: 917726464
x-fb-content-md5: 14c262b842686567d15b6ad5323eb334
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Jun 2022 07:19:23 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ba6d2a1d8bbbb665dc1b6d1c0735ecf8"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 339 KB
120 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8192122159288812&plah=1504.kr.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6884435e89015330243b53d784097bda1b00e46452afaf7518811d0ea5173c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122339
x-xss-protection: 0
server: cafe
etag: 95569633553635454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 07:19:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220606/r20190131/ Frame 0489 10 KB
5 KB 171ms
55ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220606/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 00:41:56 GMT
etag: 14734731752043123527
expires: Wed, 22 Jun 2022 00:41:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 292 KB
83 KB 118ms
58ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=6ea0e69bb4fb2bcaddc762717bbdb314

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a825847149e7cb04de032d196799a342152c7723173b7ca171cac0e0668f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://1504.kr.ua/
Origin: https://1504.kr.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gMAMx8jGUUoiTljpqvI/TQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 08 Jun 2023 06:14:17 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84909
x-fb-rlafr: 0
x-fb-debug: 868w8HHm8Fo6OUEXtHQJSGaf35DMZzcMb65iNM2r/L5vN1EH2hxUsHJE1gWcVMuPa+hmsSQ35lxQae2csY7M+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ade3c8f065b582f3b001b69b1a7004a7
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:23 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2fdd66dc5e925b02cf697c8da1a35056"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 0219
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

109ms
108ms

Document
text/html

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: bc57e1f0a3ce81c4c49590eb31c498c1f9444fd5cd536b788efa8ed0eac71016

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 08 Jun 2022 07:19:23 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Wed, 08 Jun 2022 07:19:23 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2 200 /
www.acint.net/hit/ 43 B
341 B 98ms
97ms Image
image/gif 185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=1ab2838d-b3ba-47e2-98b0-e02e93cfab30&dp=10&tz=%2B00%3A00&nc=59697288&u=https%3A%2F%2F1504.kr.ua%2F&r=&rs=1600x1200&t=%D0%9A%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%B8%D0%B9%20%D0%B8%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B9%20%D0%B3.%20%D0%9A%D1%80%D0%BE%D0%BF%D0%B8%D0%B2%D0%BD%D0%B8%D1%86%D0%BA%D0%B8%D0%B9.&oE=1&oP=1&dT=2022-06-08T07%3A19%3A23.568&fu=7420f703-4c11-4bc9-8458-7c4a9b9f102c
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 191ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1504.kr.ua&callback=_gfp_s_&client=ca-pub-8192122159288812

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8192122159288812&plah=1504.kr.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9ff4ded4918c8f230ce2cbbb748b65b27d54ca14b9b857278d1b4b6a8a119d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 182ms
65ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1504.kr.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 195ms
63ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1504.kr.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD19 261 KB
66 KB 604ms
493ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&adk=1812271804&adf=3025194257&lmt=1654672763&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1504.kr.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763482&bpp=1&bdt=500&idt=175&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4445414407493&frm=20&pv=2&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a76848c409a5cebdb4ea2e96d6294b8cc8669d75a3608ee3237b789ab2d010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67840
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8368 104 KB
35 KB 515ms
427ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=200&slotname=5304887618&adk=2627602528&adf=3056025636&pi=t.ma~as.5304887618&w=200&lmt=1654672763&psa=0&format=200x200&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763483&bpp=1&bdt=502&idt=214&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tIaO1sartR&p=https%3A//1504.kr.ua&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f6130c95d6d2edace823eb58839a964b5c268e28872f0bebea7405a1cef8607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35949
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B957 97 KB
33 KB 596ms
516ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d81924fa3f2747dc15aae9c4cc7ff4749e218ba239747782f26e8eeeebcdfc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33914
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F2B0 23 KB
10 KB 556ms
482ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=2210820725&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=227&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=uPVh1UIITE&p=https%3A//1504.kr.ua&dtd=229

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82d3774bbe8751e40e2fb43c5a2edbb960afc197c85b873692754aed177686a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9890
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7FF8 79 KB
26 KB 591ms
529ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=7304843612&adk=650596750&adf=2229882226&pi=t.ma~as.7304843612&w=160&lmt=1654672763&psa=0&format=160x600&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=231&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ilvufUP5cn&p=https%3A//1504.kr.ua&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d010b8a3994cd090b0018452ea54e9a6e8e555d1468ca54eb88788080d452c8a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CILxvrKonfgCFfKDywEdLHMK2g&gqi=e02gYoDYMoyDwuIP8ouAiAk&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 26511
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CILxvrKonfgCFfKDywEdLHMK2g&gqi=e02gYoDYMoyDwuIP8ouAiAk&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7694 78 KB
26 KB 513ms
455ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=90&slotname=1537511616&adk=34966524&adf=1918659048&pi=t.ma~as.1537511616&w=728&lmt=1654672763&psa=0&format=728x90&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763487&bpp=1&bdt=505&idt=242&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600%2C160x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=9LCri8VPwQ&p=https%3A//1504.kr.ua&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6775c8bcb1243feeedc7d31e46cade34eb3e5da2ad56fd2a3070d1519aff6b87

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPHqvrKonfgCFRYYwQodaSUItA&gqi=e02gYs7XMsvitwfgtrCoCQ&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 26412
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPHqvrKonfgCFRYYwQodaSUItA&gqi=e02gYs7XMsvitwfgtrCoCQ&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 180ms
57ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1439024809738065&ev=fb_page_view&dl=https%3A%2F%2F1504.kr.ua%2F&rl=&if=false&ts=1654672763797&sw=1600&sh=1200&at=

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 08 Jun 2022 07:19:23 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 0219
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=8AB803C17B4DA0625F00F9290204BEBE
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=8AB803C17B4DA0625F00F9290204BEBE&crf=1

68 B
607 B

67ms
65ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=8AB803C17B4DA0625F00F9290204BEBE&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=8AB803C17B4DA0625F00F9290204BEBE&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0219
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F7B4DA0621600FB300211BA5A

43 B
269 B

120ms
114ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F7B4DA0621600FB300211BA5A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 08 Jun 2022 07:19:23 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F7B4DA0621600FB300211BA5A
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 0219
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=8AB803C17B4DA0625F00F9290204BEBE
https://px.adhigh.net/p/cm/sape?u=8AB803C17B4DA0625F00F9290204BEBE&bounced=1
https://acint.net/match?dp=17&euid=usQpLnQSG8Tc.AikABlGBQi6s0g

43 B
269 B

138ms
138ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=usQpLnQSG8Tc.AikABlGBQi6s0g
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f10-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=usQpLnQSG8Tc.AikABlGBQi6s0g
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 0219 43 B
764 B 295ms
97ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=8AB803C17B4DA0625F00F9290204BEBE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:24 GMT
Last-Modified: Wed, 08 Jun 2022 07:19:24 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 08 Jun 2022 13:19:24 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0219
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5853969322
https://www.acint.net/rmatch?dp=45&euid=AahO7b0SamUt7iWo_b-AsSw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=8AB803C17B4DA0625F00F9290204BEBE

42 B
201 B

226ms
107ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=8AB803C17B4DA0625F00F9290204BEBE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Wed, 08 Jun 2022 07:19:24 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=8AB803C17B4DA0625F00F9290204BEBE
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 0219 0
862 B 180ms
79ms Image
text/plain 2606:4700:3033::ac43:d997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD3F2XEueOSxm%2BOi8x08UHTn8euZ7DYk7KNOTlNWWxYeiwhJP3Jzh6T%2BgrlHJ%2FUC0Y8YDSWsXy7%2BSR3AGQ8DcvMDBVxpikA5iGW67ISCqtZNV0otvFWo9YOAOHtbsUpwgDRtPDdwpoxyDls%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 717fdbe6986f067e-LHR
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
sync.republer.com/ Frame 0219 0
68 B 300ms
95ms Image
text/plain 194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?dsp=sape

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:27:01 GMT
strict-transport-security: max-age=0
server: nginx

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 0219 0
239 B 185ms
58ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=8AB803C17B4DA0625F00F9290204BEBE

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:23 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 529
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 0219 3 KB
3 KB 305ms
98ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:24 GMT
Last-Modified: Wed, 08 Jun 2022 07:04:15 GMT
Server: nginx
ETag: "62a049ef-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 0219 0
69 B 196ms
60ms Image
text/plain 138.201.65.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=8AB803C17B4DA0625F00F9290204BEBE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.66 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.65.201.138.clients.your-server.de
Software: nginx/1.19.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 07:19:23 GMT
server: nginx/1.19.7

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://9183367c-f113-426a-b60f-673aa5fabfb1.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=9183367c-f113-426a-b60f-673aa5fabfb1

43 B
269 B

125ms
123ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=9183367c-f113-426a-b60f-673aa5fabfb1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 08 Jun 2022 07:19:24 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=9183367c-f113-426a-b60f-673aa5fabfb1
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=irgDwXtNoGJfAPkpAgS-vg
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=irgDwXtNoGJfAPkpAgS-vg&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

98ms
98ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 0219
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=8AB803C17B4DA0625F00F9290204BEBE
https://adlmerge.com/merge_gpsid/?sid=50&id=8AB803C17B4DA0625F00F9290204BEBE

43 B
115 B

186ms
49ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=8AB803C17B4DA0625F00F9290204BEBE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Wed, 08 Jun 2022 07:19:24 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=8AB803C17B4DA0625F00F9290204BEBE
date: Wed, 08 Jun 2022 07:19:24 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0219 42 B
201 B 438ms
110ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=8AB803C17B4DA0625F00F9290204BEBE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=PZZOZPGT

43 B
269 B

160ms
160ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=PZZOZPGT
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=PZZOZPGT
Date: Wed, 08 Jun 2022 07:19:24 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 0219
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=8AB803C17B4DA0625F00F9290204BEBE
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=8AB803C17B4DA0625F00F9290204BEBE&cs=1

35 B
378 B

59ms
59ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=8AB803C17B4DA0625F00F9290204BEBE&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=8AB803C17B4DA0625F00F9290204BEBE&cs=1
date: Wed, 08 Jun 2022 07:19:24 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=Pny_M1FGJxDA

43 B
269 B

97ms
97ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=Pny_M1FGJxDA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=Pny_M1FGJxDA
Date: Wed, 08 Jun 2022 07:19:24 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 0219
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=f853dd5f-8405-529f-abb3-8971c913c40a

43 B
269 B

120ms
120ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=f853dd5f-8405-529f-abb3-8971c913c40a
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=f853dd5f-8405-529f-abb3-8971c913c40a
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0219
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=8d04c16fa0854bc3af29a58b7428902f

43 B
269 B

135ms
134ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=8d04c16fa0854bc3af29a58b7428902f
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=8d04c16fa0854bc3af29a58b7428902f
date: Wed, 08 Jun 2022 07:19:23 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://8ab803c17b4da0625f00f9290204bebe-sp.ops.beeline.ru/p?ssp=sp&id=8AB803C17B4DA0625F00F9290204BEBE
https://www.acint.net/match?dp=111&euid=3811a0e4-fde0-464a-ad5e-7516a98fc80b

43 B
269 B

97ms
96ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=3811a0e4-fde0-464a-ad5e-7516a98fc80b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 08 Jun 2022 07:19:24 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=3811a0e4-fde0-464a-ad5e-7516a98fc80b
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.34
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 0219
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=8AB803C17B4DA0625F00F9290204BEBE
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2965349469
https://ut.rktch.com/matchspm?pi=1000006&pui=Ku2KE93jCkqESaO91ejDd.&noredirect

88 B
88 B

96ms
96ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=Ku2KE93jCkqESaO91ejDd.&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:25 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
via: 1.1 google
last-modified: Wed, 08 Jun 2022 07:19:25 GMT
server: Weborama Collect Frontend
location: https://ut.rktch.com/matchspm?pi=1000006&pui=Ku2KE93jCkqESaO91ejDd.&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

-g0XX0B6QG6_WqkB5Lvo9A
an.yandex.ru/setud/mts_banner/ Frame 0219
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=8AB803C17B4DA0625F00F9290204BEBE
https://sm.rtb.mts.ru/match/second?ssp=30&exu=8AB803C17B4DA0625F00F9290204BEBE
https://tech.rtb.mts.ru/?dsp_uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F-g0XX0B6QG6_WqkB5Lvo9A%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/-g0XX0B6QG6_WqkB5Lvo9A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=4224921108

43 B
103 B

110ms
109ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/-g0XX0B6QG6_WqkB5Lvo9A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=4224921108

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 07:19:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 08 Jun 2022 07:19:25 GMT

Redirect headers

Date: Wed, 08 Jun 2022 07:19:25 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/-g0XX0B6QG6_WqkB5Lvo9A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=4224921108
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=408eec11-9a5b-4936-42ba-83a6be52c621

43 B
269 B

117ms
116ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=408eec11-9a5b-4936-42ba-83a6be52c621
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=408eec11-9a5b-4936-42ba-83a6be52c621
date: Wed, 08 Jun 2022 07:19:24 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=8AB803C17B4DA0625F00F9290204BEBE
https://www.acint.net/match?dp=127&euid=HW1ZB3M0c7bdFHOQB7zu

43 B
269 B

98ms
97ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=HW1ZB3M0c7bdFHOQB7zu
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=HW1ZB3M0c7bdFHOQB7zu
date: Wed, 08 Jun 2022 07:19:24 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=i159yfk7xo

43 B
269 B

115ms
115ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=i159yfk7xo
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=i159yfk7xo
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 0d1d37bb-bf51-473f-b26a-30111612a441
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 0219 0
215 B 286ms
92ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=8AB803C17B4DA0625F00F9290204BEBE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 08 Jun 2022 07:17:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 8AB803C17B4DA0625F00F9290204BEBE
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 0219 0
189 B 296ms
94ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/8AB803C17B4DA0625F00F9290204BEBE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 0219
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=8AB803C17B4DA0625F00F9290204BEBE
https://x01.aidata.io/0.gif?pid=9401454&id=8AB803C17B4DA0625F00F9290204BEBE&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=lwW6ksZF8pCUvl%2ByV%2BJRkQ
https://sm.rtb.mts.ru/match/second?ssp=51&exu=lwW6ksZF8pCUvl%2ByV%2BJRkQ
https://tech.rtb.mts.ru/?dsp_uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DlwW6ksZF8pCUvl%252ByV%252BJRkQ%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=lwW6ksZF8pCUvl%2ByV%2BJRkQ&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&exu=lwW6ksZF8pCUvl%!B(string=%20%20)yV%!B(MISSING)JRkQ

0
434 B

96ms
96ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&exu=lwW6ksZF8pCUvl%!B(string=%20%20)yV%!B(MISSING)JRkQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:26 GMT
last-modified: Wed, 08 Jun 2022 07:19:25 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 08 Jun 2022 07:19:25 GMT

Redirect headers

Date: Wed, 08 Jun 2022 07:19:26 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=fa0d175f-407a-406e-bf5a-a901e4bbe8f4&exu=lwW6ksZF8pCUvl%!B(string= )yV%!B(MISSING)JRkQ
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

404

N2ExNTViYTUyOGUwZGQxMQ
an.yandex.ru/mapuid/gonetdspis/ Frame 0219
Redirect Chain

https://dmp.gotechnology.io/match/sape?id=8AB803C17B4DA0625F00F9290204BEBE
https://dmp.gotechnology.io/match/sape?id=8AB803C17B4DA0625F00F9290204BEBE&chk=1
https://an.yandex.ru/mapuid/gonetdspis/N2ExNTViYTUyOGUwZGQxMQ

43 B
108 B

99ms
99ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetdspis/N2ExNTViYTUyOGUwZGQxMQ

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 07:19:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 08 Jun 2022 07:19:25 GMT

Redirect headers

date: Wed, 08 Jun 2022 07:19:25 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: http://an.yandex.ru/mapuid/gonetdspis/N2ExNTViYTUyOGUwZGQxMQ
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 0219
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=8AB803C17B4DA0625F00F9290204BEBE
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj-moGVBlIFrbKc-w9iIDhBQjgwM0MxN0I0REEwNjI1RjAwRjkyOTAyMDRCRUJF
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj-moGVBlIFrbKc-w9iIDhBQjgwM0MxN0I0REEwNjI1RjAwRjkyOTAyMDRCRUJFogEQVA8feub7EeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=sap1&s_data=CAIQABj-moGVBmIgOEFCODAzQzE3QjREQTA2MjVGMDBGOTI5MDIwNEJFQkWiARBUDx965vsR7IbgACWQwGR8
https://sync.bumlam.com/?src=sap1&s_data=CAIQARj-moGVBmIgOEFCODAzQzE3QjREQTA2MjVGMDBGOTI5MDIwNEJFQkWiARBUDx965vsR7IbgACWQwGR8

0
523 B

54ms
54ms

Image
text/html

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARj-moGVBmIgOEFCODAzQzE3QjREQTA2MjVGMDBGOTI5MDIwNEJFQkWiARBUDx965vsR7IbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:26 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 08 Jun 2022 07:19:26 GMT
Server: nginx
ETag: 540f1f7a-e6fb-11ec-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARj-moGVBmIgOEFCODAzQzE3QjREQTA2MjVGMDBGOTI5MDIwNEJFQkWiARBUDx965vsR7IbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

8AB803C17B4DA0625F00F9290204BEBE
an.yandex.ru/mapuid/sapeis/ Frame 0219
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/8AB803C17B4DA0625F00F9290204BEBE
https://an.yandex.ru/mapuid/sapeis/8AB803C17B4DA0625F00F9290204BEBE?redir-setuniq=1

43 B
80 B

112ms
111ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/8AB803C17B4DA0625F00F9290204BEBE?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 07:19:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 08 Jun 2022 07:19:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 07:19:25 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/8AB803C17B4DA0625F00F9290204BEBE?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 08 Jun 2022 07:19:25 GMT

GET
H2

200

match
www.acint.net/ Frame 0219
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=8AB803C17B4DA0625F00F9290204BEBE
https://www.acint.net/match?dp=186&euid=cca95b35-f626-48d5-a162-fedf319c55f1

43 B
269 B

100ms
99ms

Image
image/gif

185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=cca95b35-f626-48d5-a162-fedf319c55f1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 08 Jun 2022 07:19:25 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=cca95b35-f626-48d5-a162-fedf319c55f1
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET frame.html
s3.advarkads.com/modules/match/ Frame A9F0 0
0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 0219 16 KB
16 KB 199ms
197ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=706211370380731
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:24 GMT
Last-Modified: Wed, 08 Jun 2022 07:04:16 GMT
Server: nginx
ETag: "62a049f0-3e06"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15878

GET
H3 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame 8368 10 KB
4 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=200&slotname=5304887618&adk=2627602528&adf=3056025636&pi=t.ma~as.5304887618&w=200&lmt=1654672763&psa=0&format=200x200&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763483&bpp=1&bdt=502&idt=214&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tIaO1sartR&p=https%3A//1504.kr.ua&dtd=219

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 00:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 00:43:31 GMT

GET
H3 200 327a2f53e8b7ae59adc1a35b4c015d49.js Show response
www.gstatic.com/mysidia/ Frame 8368 134 KB
50 KB 168ms
59ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2966fd929f6ef5ac5b30eb42f2eff08724c7f2a0b7a653dea0aa0d6995d6ab85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50844
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 01:42:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8368 12 KB
1 KB 180ms
64ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41ea673bc703729530e41523e65a361de0e42ddb9b9d321e9c385ee7b42443e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 06:42:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 8368 2 KB
938 B 147ms
147ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:52:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame 8368 21 KB
9 KB 246ms
114ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8701
x-xss-protection: 0
server: cafe
etag: 7038200677561849530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:01:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 8368 3 KB
1 KB 147ms
147ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:21:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 8368 17 KB
7 KB 198ms
70ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:00:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8368 138 KB
43 KB 66ms
66ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 8368 31 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 20:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 20:03:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F2B0 0
0 97ms
95ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnjHce02gYuPJNsGMhQa-iaaYB8me0rFcxYyL4JoBwI23ARABIABglQKCARdjYS1wdWItODE5MjEyMjE1OTI4ODgxMqAB1bbS6gPIAQmpAgTINDzU77E-qAMBqgSyAU_QParFebugj3y2bsm95XE7KRLMQXaB63H12rF5v7BlDyyH2nM1eFPkL68ZzLHlAXDPUWEOm9eGlVpiCHP_4KtYSZoiCyzdBo9MRsnU8HTDlbgdF9EfL7K_0-G_as3qjbEBpMU6Cm30hoCdUm4TRZLhJG_O3viztE02ZmPAoLGLHN5CUrDjKwLa3YfT8ATbFxMKhmS4BPUecQ3Y8JG20ykO1stlaBdnPl4s0x1qsj9s4EOABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgxOTIxMjIxNTkyODg4MTIYAA&sigh=lz0AoY55v7k&uach_m=[UACH]&cid=CAQSGwCNIrLM-ehyErxdLdWgUPLBtNDH5zqOFLxOuhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=2210820725&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=227&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=uPVh1UIITE&p=https%3A//1504.kr.ua&dtd=229

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=2210820725&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=227&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=uPVh1UIITE&p=https%3A//1504.kr.ua&dtd=229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F2B0 0
0 197ms
63ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8ENO-MLQB2ASdg2ICAgAAAPP9fV9f5LzyEHpNoGJvyQAV1Q6tw_kzVAASAAA&wp=YqBNewANpOMKwUZBAAmEvvAqLM5G3lH7hlvwJw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 227185
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E238 163 KB
53 KB 261ms
145ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YqBNewANpOMKwUZBAAmEvvAqLM5G3lH7hlvwJw&u=%7C5mV%2FSpfH%2B2aIcwcIjShbU%2FsyiUOIOGWtCXvvwfFA9%2FU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxWcvi2P_4ixKQk-LkV9VvJp3JpPgQGrkE6-5ff5DYvRzUsi1clesyVLlEA2CsBqsgR4wJj9sZf71NvQGCBpMGTWolRu8Vua1sInAwndMwbRFAe5kAz6j4t98wtV86q97NZo7UbCfYYLKQsN167Fj1B5atVCbncKDBmE35cEBoBdZARKyhYTeWp04YVQGdsmGE3AI286ZUf1OVtugZHkv7mXnfZD77mfCYe5M12rY0m5c4J5JKs-Zm1zfpL422uX4QZov-0cDUHrGh9fw4L0sKzf_A9-t8HoZMsq7M-ENygf7rlYytuKqgFKsBImkT7Hxp5EWezgysxuO93O8auOZrqWElzmVZiDUprAVGFQf5XeEgMqss4WhCNEmxKFZloen89g9kshXjbRGIekbFgsbvGqsK0aBLp8-hw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgQZCe02gYuPJNsGMhQa-iaaYB8me0rFcxYyL4JoBwI23ARABIABglQKCARdjYS1wdWItODE5MjEyMjE1OTI4ODgxMqAB1bbS6gPIAQmpAgTINDzU77E-qAMBqgS1AU_QParFebugj3y2bsm95XE7KRLMQXaB63H12rF5v7BlDyyH2nM1eFPkL68ZzLHlAXDPUWEOm9eGlVpiCHP_4KtYSZoiCyzdBo9MRsnU8HTDlbgdF9EfL7K_0-G_as3qjbEBpMU6Cm30hoCdUm4TRZLhJG_O3viztE02ZmPAoLGLHN5CUrDjKwLa3YfTsgb6hZSFGncHmOG9oTB-CJii2Z8E-NPn3N9amKyTzTFyN5Xo8_yMJqGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0vFsO66QIgiQFa53EUKLpz1tQ_ZA%26client%3Dca-pub-8192122159288812%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

887ca61c30596a0fbf9e94c67162330cb9161a8f03d8d93718313c0ed02ffafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:19:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=V9fe5_JYAXTIyLVmFqWJEj-77QrvDyH30FvbtMoAGTKW7N9ETs2VMTQkv9A8U4SHl7eHOAvJnY-mfYTPPTTIZWfpK3GX06JVkXMvmkH98vjiTdE_RMd4LGd38adAMtSV_Lb8gkQ8ISq0bbodADxtEdea_PhhlyXRmD5NVnbyn_7-IufGK3JEvAOfNF6P2jYwguKgahkVDugnUlqvoLPprpQ-gh6V5rXZ2bKonsTB66C9T3pR-QQfMtjpqUH2l6vX4FeTSA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 89972045
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame F2B0 3 KB
1 KB 281ms
192ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:21:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2B0 138 KB
42 KB 92ms
91ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame F2B0 17 KB
7 KB 151ms
61ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:00:30 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 4997 138 KB
31 KB 195ms
130ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=90&slotname=1537511616&adk=34966524&adf=1918659048&pi=t.ma~as.1537511616&w=728&lmt=1654672763&psa=0&format=728x90&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763487&bpp=1&bdt=505&idt=242&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600%2C160x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=9LCri8VPwQ&p=https%3A//1504.kr.ua&dtd=245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa1933953767fc53aff3ab036d0e7c5127be7d13eba7895432c2ecab5be64ff

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 30759
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:08:44 GMT
expires: Thu, 08 Jun 2023 07:08:44 GMT
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7694 0
0 98ms
97ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cii4Pe02gYrHBNpawhAbpyqCgC8aYi8JqztSd56MP2tkeEAEgtKrMHmCVAqABxbvsogPIAQmpAgTINDzU77E-qAMByAMCqgTPAU_QHjIdciA0bXl3uE37qNMB-dacLq14A4CIP7VNq2dWXisTWZUbWXfZgdGWivCUq8J-EcuWbGTjbJGjN4p0LNTDEC7zXoY8OFFkWgyYdCAk_NEv8VdMqVIs8GGabMY_DjuWJbm68STSCko_F0rg65IK2q3ekEIRvvYW4RbyDQJ0-jsbGWSYR760lC3YVZ6hS0WWXfkCAieA12tTfTjpP5Y-VIGbsSyTR5pWb8nzJTNpwcfR5c_utsa_yhHLrEo6GwwnWUla7s3AR1gifR36P8AEwPXJ5fEDkgUECAQYAZIFBAgFGASgBl2AB6PEk12oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCnlU_SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODE5MjEyMjE1OTI4ODgxMhgA&sigh=bvaQAjQpuPU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=90&slotname=1537511616&adk=34966524&adf=1918659048&pi=t.ma~as.1537511616&w=728&lmt=1654672763&psa=0&format=728x90&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763487&bpp=1&bdt=505&idt=242&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600%2C160x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=9LCri8VPwQ&p=https%3A//1504.kr.ua&dtd=245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 449F 143 B
163 B 57ms
56ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=90&slotname=1537511616&adk=34966524&adf=1918659048&pi=t.ma~as.1537511616&w=728&lmt=1654672763&psa=0&format=728x90&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763487&bpp=1&bdt=505&idt=242&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600%2C160x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=9LCri8VPwQ&p=https%3A//1504.kr.ua&dtd=245
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 06:46:02 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 7694 3 KB
1 KB 262ms
200ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:11:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7694 138 KB
42 KB 205ms
91ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 7694 17 KB
7 KB 256ms
195ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:03:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B957 8 KB
1 KB 88ms
63ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 07:03:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame B957 2 KB
984 B 229ms
192ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:52:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B957 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6jZ2e02gYu22Ns-4hAb45ZLID6jF1eRjj9nW2sUOur-yz4smEAEgtKrMHmCVAqABoovM6APIAQmpAgTINDzU77E-qAMByAPLBKoEzAFP0CqxFl-MwgFfEjIjNINIlILiD24gYGw7xvDnffY5Rs43XxozR8N6_v_23GXu3-M-GOQsFIWcuWYXbg_cIrOvydYk8l6-vxjw2mFwY3NW8DKi7cpktKEuQ0iNsQUOrND6NVy5ZUtWNm-H0Gh15EMamozqiYA8XkTGjc7-dkuJhnBGjGMvSdQVrr6FXgsT9GeKuQk8VJi9z7QPqVYq25-Ghl7tQUCIw433LAXNVDbssBuEtXmeAuLEVx_Hr9_CZhFXOe2RFoNigWweSjjABN_bw-3GA5IFBAgEGAGSBQQIBRgEoAYugAfG9LMXqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0egn0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gn2BMNiBQB0BUBgBcBshccChoIABIUcHViLTgxOTIxMjIxNTkyODg4MTIYAA&sigh=z8rHtvSkMuc&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame B957 21 KB
9 KB 219ms
183ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8701
x-xss-protection: 0
server: cafe
etag: 7038200677561849530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:01:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame B957 3 KB
1 KB 225ms
190ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:21:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B957 138 KB
42 KB 200ms
113ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame B957 17 KB
7 KB 141ms
106ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:00:30 GMT

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame B957 31 KB
13 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 20:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 20:03:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 00D4 138 KB
30 KB 191ms
162ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=7304843612&adk=650596750&adf=2229882226&pi=t.ma~as.7304843612&w=160&lmt=1654672763&psa=0&format=160x600&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=231&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ilvufUP5cn&p=https%3A//1504.kr.ua&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa1933953767fc53aff3ab036d0e7c5127be7d13eba7895432c2ecab5be64ff

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 30759
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 07:08:44 GMT
expires: Thu, 08 Jun 2023 07:08:44 GMT
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7FF8 0
0 95ms
94ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY6gQe02gYsLHNvKHrr4PrOap0A3GmIvCas7UneejD9rZHhABILSqzB5glQKgAcW77KIDyAEJqQLT0Dy_3e2xPqgDAcgDAqoE0AFP0FAqS_yeLsPsU_D04pDVI3S6-OtFSNHiHh850Y7zW_Jb-gsl7h0XSJwr0fb4VvXNKXXGAl09SVGE_tResjHGSXteWp2J-A5cQKGBOEb-I9ymSGOJa2bP4ZW9pP-TgA18LXnO9vNwZ3HCaqBtntaiyQY3eRNrL8JR349ux2kfR8YSslFQhT5yYlSIp3Gnpb6mrnGsALcAyvhP_z-PlHL8Z-v0odplPkgsEhneMOIO-9kFQSahhzT8RVoTxfKVtXiNBDZis-GvMmfA2gkSkY57wATA9cnl8QOSBQQIBBgBkgUECAUYBKAGXYAHo8STXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKOzX9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MTkyMTIyMTU5Mjg4ODEyGAA&sigh=SLr_4PKAXW0&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=7304843612&adk=650596750&adf=2229882226&pi=t.ma~as.7304843612&w=160&lmt=1654672763&psa=0&format=160x600&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=231&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ilvufUP5cn&p=https%3A//1504.kr.ua&dtd=240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C545 143 B
163 B 54ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=7304843612&adk=650596750&adf=2229882226&pi=t.ma~as.7304843612&w=160&lmt=1654672763&psa=0&format=160x600&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763486&bpp=1&bdt=504&idt=231&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200%2C180x600%2C180x600&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1408&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ilvufUP5cn&p=https%3A//1504.kr.ua&dtd=240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 06:46:02 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 7FF8 3 KB
1 KB 218ms
190ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:21:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 7FF8 17 KB
8 KB 82ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:00:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FF8 138 KB
42 KB 146ms
68ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1197188738370552412/ Frame B957 3 KB
4 KB 149ms
125ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1197188738370552412/downsize_200k_v1?w=195&h=102

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f4540dafb440535b93a2f445526514e421cff4c9ca6ead9aa31745a6555e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:49:12 GMT
x-content-type-options: nosniff
age: 538212
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3513
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 14:19:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Jun 2023 01:49:12 GMT

GET
DATA 200
OK truncated
/ Frame B957 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B957 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 147 KB
53 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb45c35c3e4ca6691ff526ff91925cbfa14bdbe1a6e2c49c33efa555f004462f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53778
x-xss-protection: 0
server: cafe
etag: 3086459673622212882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 449F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

167ms
166ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 07:19:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C545
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

130ms
129ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 07:19:24 GMT
expires: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 07:19:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16900663536514144678/ Frame 8368 2 KB
2 KB 183ms
73ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16900663536514144678/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0353842c6ea08bd85487c710a18be735b01a8bef461cb339b522cdd3b27998e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 09:22:35 GMT
x-content-type-options: nosniff
age: 338209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1668
x-xss-protection: 0
last-modified: Mon, 18 Feb 2019 13:59:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Jun 2023 09:22:35 GMT

GET
DATA 200
OK truncated
/ Frame F2B0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64dc5ddca01dda3021ca807586bc2ffbb488804fd307fca568a753f867d3979e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 8368 0
327 B 281ms
102ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l459fwa9&c=2971087055392&slotId=1485543527696&qqid=CNXjvrKonfgCFVdvwQodo-QMbA&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6776939229092203455/ Frame 8368 43 KB
43 KB 153ms
73ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6776939229092203455/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31eb2c04c7e20f2819979bd5ebdbce0cd39e95d2dcc76e01a9dec29304e76d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 13:06:42 GMT
x-content-type-options: nosniff
age: 65562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43741
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 14:10:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Jun 2023 13:06:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8368 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9Iuoe02gYpW6NtfehQajybPgBtaKqOZjz-zN7oAO2tkeEAEgtKrMHmCVAqAB35j6_gPIAQmpAgTINDzU77E-qAMByAPLBKoE0gFP0D0xipYlNn2Y6FhbvH2BIcJyQN0kJHotjX_MSJ_5SYMCNOO21UlkeU36kHBKPKhXpY7rDtmlKsQtDXmwi6zbNAguqA-R2DFGePJ-PfeSYPVrMboPDcC_3APdOHBd-KqW2mEJBEyHjUJAhYFW4C_UQEPLUrVLY_SGzJnTpXWommmDOytdVZ0WsOC8ynrfcfkLQzMtXJQtII74FRqFpMyP-LS8GFjJrzkSo3JZ7rnpIvKV4BzCn9tONi4a_lLeq-PRolJM1g-ukIqEPDJVTLCMVqLABPHui7PbA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeJ54UBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8-AX0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTgxOTIxMjIxNTkyODg4MTIYAA&sigh=sPw2rIgxMAU&uach_m=[UACH]&template_id=3484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=200&slotname=5304887618&adk=2627602528&adf=3056025636&pi=t.ma~as.5304887618&w=200&lmt=1654672763&psa=0&format=200x200&url=https%3A%2F%2F1504.kr.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763483&bpp=1&bdt=502&idt=214&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tIaO1sartR&p=https%3A//1504.kr.ua&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FF8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7687082a383efb915be0c1df9c04a4b382f8ae9fd08c1188e4bb104f98cea06c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET

videoplayback
r1---sn-4g5lzner.gvt1.com/ Frame 8368
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=0120ed60d8846780&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1654679964&sparams=ip,ipbits,expire,id,...
https://r1---sn-4g5lzner.gvt1.com/videoplayback?id=0120ed60d8846780&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654679964&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

0
0

GET
H3 200 css
fonts.googleapis.com/ Frame 4997 2 KB
570 B 173ms
63ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc948b0fa40e7f9c846107553aa5578ca1ff73d3d3498c6581b038c3cb72e5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 07:14:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4997 16 KB
6 KB 80ms
66ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4997 26 KB
10 KB 68ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 08 Jun 2022 16:13:42 GMT

GET
DATA 200
OK truncated
/ Frame 8368 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22b96adb990ef6f1e2e417254e51fe341b2e22fe663a73efe05452f17f3a567f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 175ms
62ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1504.kr.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 176ms
64ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1504.kr.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/ Frame 093B 10 KB
4 KB 56ms
56ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 00:41:41 GMT
etag: 14734731752043123527
expires: Wed, 22 Jun 2022 00:41:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/ Frame F0C8 10 KB
4 KB 53ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1504.kr.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 00:41:41 GMT
etag: 14734731752043123527
expires: Wed, 22 Jun 2022 00:41:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 00D4 2 KB
570 B 118ms
64ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc948b0fa40e7f9c846107553aa5578ca1ff73d3d3498c6581b038c3cb72e5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 07:19:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 00D4 16 KB
6 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 00D4 26 KB
10 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 08 Jun 2022 16:13:42 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8368 0
54 B 167ms
102ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l459fwag&c=2971087055392&slotId=1485543527696&qqid=CNXjvrKonfgCFVdvwQodo-QMbA&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffa287546e1d5bd0678894d5c227e456c.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8368 0
54 B 168ms
104ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l459fwdn&c=2971087055392&slotId=1485543527696&qqid=CNXjvrKonfgCFVdvwQodo-QMbA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F327a2f53e8b7ae59adc1a35b4c015d49.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8368 0
54 B 167ms
103ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l459fwdn&c=2971087055392&slotId=1485543527696&qqid=CNXjvrKonfgCFVdvwQodo-QMbA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F1a132ce94651f9fd8f1d4e10540034d5.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E238 2 KB
1 KB 171ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqBNewANpOMKwUZBAAmEvvAqLM5G3lH7hlvwJw&u=%7C5mV%2FSpfH%2B2aIcwcIjShbU%2FsyiUOIOGWtCXvvwfFA9%2FU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxWcvi2P_4ixKQk-LkV9VvJp3JpPgQGrkE6-5ff5DYvRzUsi1clesyVLlEA2CsBqsgR4wJj9sZf71NvQGCBpMGTWolRu8Vua1sInAwndMwbRFAe5kAz6j4t98wtV86q97NZo7UbCfYYLKQsN167Fj1B5atVCbncKDBmE35cEBoBdZARKyhYTeWp04YVQGdsmGE3AI286ZUf1OVtugZHkv7mXnfZD77mfCYe5M12rY0m5c4J5JKs-Zm1zfpL422uX4QZov-0cDUHrGh9fw4L0sKzf_A9-t8HoZMsq7M-ENygf7rlYytuKqgFKsBImkT7Hxp5EWezgysxuO93O8auOZrqWElzmVZiDUprAVGFQf5XeEgMqss4WhCNEmxKFZloen89g9kshXjbRGIekbFgsbvGqsK0aBLp8-hw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgQZCe02gYuPJNsGMhQa-iaaYB8me0rFcxYyL4JoBwI23ARABIABglQKCARdjYS1wdWItODE5MjEyMjE1OTI4ODgxMqAB1bbS6gPIAQmpAgTINDzU77E-qAMBqgS1AU_QParFebugj3y2bsm95XE7KRLMQXaB63H12rF5v7BlDyyH2nM1eFPkL68ZzLHlAXDPUWEOm9eGlVpiCHP_4KtYSZoiCyzdBo9MRsnU8HTDlbgdF9EfL7K_0-G_as3qjbEBpMU6Cm30hoCdUm4TRZLhJG_O3viztE02ZmPAoLGLHN5CUrDjKwLa3YfTsgb6hZSFGncHmOG9oTB-CJii2Z8E-NPn3N9amKyTzTFyN5Xo8_yMJqGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0vFsO66QIgiQFa53EUKLpz1tQ_ZA%26client%3Dca-pub-8192122159288812%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame E238 2 KB
1 KB 170ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E238 308 B
636 B 169ms
56ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E238 293 B
622 B 167ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame E238 0
689 B 342ms
167ms Image
text/plain 2600:9000:2127:4600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1654672763
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqBNewANpOMKwUZBAAmEvvAqLM5G3lH7hlvwJw&u=%7C5mV%2FSpfH%2B2aIcwcIjShbU%2FsyiUOIOGWtCXvvwfFA9%2FU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxWcvi2P_4ixKQk-LkV9VvJp3JpPgQGrkE6-5ff5DYvRzUsi1clesyVLlEA2CsBqsgR4wJj9sZf71NvQGCBpMGTWolRu8Vua1sInAwndMwbRFAe5kAz6j4t98wtV86q97NZo7UbCfYYLKQsN167Fj1B5atVCbncKDBmE35cEBoBdZARKyhYTeWp04YVQGdsmGE3AI286ZUf1OVtugZHkv7mXnfZD77mfCYe5M12rY0m5c4J5JKs-Zm1zfpL422uX4QZov-0cDUHrGh9fw4L0sKzf_A9-t8HoZMsq7M-ENygf7rlYytuKqgFKsBImkT7Hxp5EWezgysxuO93O8auOZrqWElzmVZiDUprAVGFQf5XeEgMqss4WhCNEmxKFZloen89g9kshXjbRGIekbFgsbvGqsK0aBLp8-hw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgQZCe02gYuPJNsGMhQa-iaaYB8me0rFcxYyL4JoBwI23ARABIABglQKCARdjYS1wdWItODE5MjEyMjE1OTI4ODgxMqAB1bbS6gPIAQmpAgTINDzU77E-qAMBqgS1AU_QParFebugj3y2bsm95XE7KRLMQXaB63H12rF5v7BlDyyH2nM1eFPkL68ZzLHlAXDPUWEOm9eGlVpiCHP_4KtYSZoiCyzdBo9MRsnU8HTDlbgdF9EfL7K_0-G_as3qjbEBpMU6Cm30hoCdUm4TRZLhJG_O3viztE02ZmPAoLGLHN5CUrDjKwLa3YfTsgb6hZSFGncHmOG9oTB-CJii2Z8E-NPn3N9amKyTzTFyN5Xo8_yMJqGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0vFsO66QIgiQFa53EUKLpz1tQ_ZA%26client%3Dca-pub-8192122159288812%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:24 GMT
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: eM7qh0Q09ZRirMUgstEpOB5OI8whgs3a75nZoEFHxPQz_zTvw_L1IA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame E238 43 B
348 B 174ms
56ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f6QYzmyZyOjpGhMcpCk4N7urCZMy72yh25EtWf6HAYQu2wZsbWb6MI4zfNpUTQcf-aUDY-OW6GsCviTOkFsBZE1SVlJ_ANXenaYMgh02Dc3kOanzjdGVrH-mGCXLwm3LHDvJbEODChHz26yX7-dcDp3pGRlnYR0rRDsHW6tJfQu49DqKajbJ7JUqFjIQ2YDVhQnrTa0Z_KYTtezHI3WRRmJoVoN5QHC50MdcEcZvYkZqSa2ZomQOdlAr5u_xYXwcHD6I2LO05xZ07iEmhhjeOusBODWJMNxdE3_vGmxhkZF5EFWrZW89M8zDZHSr_lrT4KfWYasvTevW776zP7KyAxDUcp9tG1nU65xFJWzkIA9ssLtLb3NaHWUHEhvOBqao1Yi_kw54D4VjT7Dj8Pd1r-t1ZkZ6ADcW6iqRui6ITT5lVmoabnqMMWxw2RHLl0hM06O87w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:23 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1844006
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8368 28 KB
28 KB 171ms
54ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 556950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 20:36:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E238 12 KB
6 KB 96ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 15 KB
15 KB 205ms
97ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F05c244b8e1cf40f39dbba9559c8c38e9_blue.png&v=3&w=356&s=0zOwInAlguyC5Ln0ddCFcZwG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

22c8728d566763a64d50a672a2c504875bc39ebba29713ecd97332ca6bf163bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30245275
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14940
expires: Wed, 24 May 2023 08:47:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 2 KB
2 KB 206ms
97ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogodrivetech-Fahrversuch-GmbH-171567DE.gif%3Feb%3D1&v=3&w=400&s=AWC9_tVS2C2Xr8zOMCnCWqF6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=988748
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1538
expires: Sun, 19 Jun 2022 17:58:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 1 KB
2 KB 204ms
96ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=400&s=Y5UrGVI-PKzb_L9pX4wn0Fm8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1077962
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1382
expires: Mon, 20 Jun 2022 18:45:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 2 KB
2 KB 157ms
49ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBascom-Cameras-B-V-180642DE.gif%3Feb%3D1&v=3&w=400&s=K5WLCwZQMQUPnP3fTSaX4qJ2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

df8a117309d30c94effb77c809817e39147f8b8563c3c86a0bf5f3852dd5ae64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=642297
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1652
expires: Wed, 15 Jun 2022 17:44:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 956 B
1 KB 156ms
48ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoARENIT-GmbH-167578DE.gif%3Feb%3D1&v=3&w=400&s=4bEANqnqhfFZvT7rXMdKy5mI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e641293ff2d0dd37fa9ea4b61de61eeb4b3fd0834dd43a9f2efab7303e98afd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 956
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 404 img
pix.eu.criteo.net/img/ Frame E238 43 B
244 B 155ms
48ms Image
image/gif 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:23 GMT
server: Finatra
vary: Origin
content-type: image/gif
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 43
expires: -1

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 3 KB
3 KB 51ms
50ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoConcentrix-Germany-169413DE.gif%3Feb%3D1&v=3&w=400&s=MLCPOuNtUjk_FrjlqcdavKOt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=520337
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3064
expires: Tue, 14 Jun 2022 07:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 886 B
1 KB 54ms
54ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBCMC-Media-Agentur-GmbH-55218DE.gif%3Feb%3D1&v=3&w=400&s=5aPzmu6HAD7e1GnZi8Gs5P9J&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

891ae673331445e00149d031d499370d254465c5d1e67de1a5f624df4ddcbb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1066404
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 886
expires: Mon, 20 Jun 2022 15:32:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 3 KB
3 KB 57ms
56ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoAURELIUS-Wachstumskapital-SE-Co-KG-204508DE.gif%3Feb%3D1&v=3&w=400&s=-WwxvwNJBL-hGadOscvhb2tj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

27410d49020a061b06d17ede9b0f749f49610fa19ee823ec6f8ad25b363928b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2668
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E238 2 KB
2 KB 58ms
57ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLidl-Dienstleistung-GmbH-Co-KG-26699DE.gif%3Feb%3D1&v=3&w=400&s=5BvPexySDYwg8YM9UvChBoiW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

51008f6836298391dae574259793c921dc3f36150fddec673c9e7a931a7f7ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1391328
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1678
expires: Fri, 24 Jun 2022 09:48:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E238 0
128 B 156ms
49ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=V9fe5_JYAXTIyLVmFqWJEj-77QrvDyH30FvbtMoAGTKW7N9ETs2VMTQkv9A8U4SHl7eHOAvJnY-mfYTPPTTIZWfpK3GX06JVkXMvmkH98vjiTdE_RMd4LGd38adAMtSV_Lb8gkQ8ISq0bbodADxtEdea_PhhlyXRmD5NVnbyn_7-IufGK3JEvAOfNF6P2jYwguKgahkVDugnUlqvoLPprpQ-gh6V5rXZ2bKonsTB66C9T3pR-QQfMtjpqUH2l6vX4FeTSA&sds=2&rev=81696&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 07:19:24 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E238 2 KB
1 KB 96ms
96ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E238 2 KB
1 KB 97ms
97ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 07:19:24 GMT

GET
DATA 200
OK truncated
/ Frame B957 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6fdb52b7bd33ce40d1a2cb898d33b1f3745a4da80524e00c0db29ab790e021f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7694 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c1964c02623eed7b7dab29833b8d0be9d265c101bcff9d0041fd06b9245fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 093B 4 KB
636 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 07:12:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 093B 205 B
229 B 53ms
53ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:05:29 GMT
x-content-type-options: nosniff
age: 835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Jun 2023 07:05:29 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 093B 604 B
628 B 54ms
54ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:19:01 GMT
x-content-type-options: nosniff
age: 3623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Jun 2023 06:19:01 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/ Frame 093B 19 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1f1fd543e14c5e19e810309bcbfd30a35c551d3b6bb0acc4cf642d00c1fdb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 13896182058400554804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:09:03 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B957 28 KB
28 KB 102ms
102ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 556950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 20:36:54 GMT

GET
H3 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame F0C8 10 KB
4 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 00:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 00:43:31 GMT

GET
H3 200 871c96fb77a4896caa02808d467db33f.js Show response
www.gstatic.com/mysidia/ Frame F0C8 10 KB
4 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/871c96fb77a4896caa02808d467db33f.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acb7913f5cf89043c299832687a8937f81dda3dca484941a2ef75aa487fa2485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 20:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4430
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 20:23:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F0C8 8 KB
893 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 05:36:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame F0C8 2 KB
904 B 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:16:04 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame F0C8 21 KB
9 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8701
x-xss-protection: 0
server: cafe
etag: 7038200677561849530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:16:54 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame F0C8 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:41:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0C8 138 KB
42 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame F0C8 17 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:15:10 GMT

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame F0C8 31 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 20:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 20:03:00 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v11/ Frame 00D4 17 KB
17 KB 106ms
106ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:10:11 GMT
x-content-type-options: nosniff
age: 47353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17564
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 18:10:11 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v11/ Frame 4997 17 KB
17 KB 118ms
118ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:10:11 GMT
x-content-type-options: nosniff
age: 47353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17564
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 18:10:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F0C8 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0Lrxe02gYpGrM9PV1fAPsNmh6AixxPj7abrukJenDcvLrZfeGhABILSqzB5glQKgAejh6v8ByAEBqQJMlTKw5-uxPqgDAcgDwwSqBNgBT9D6LD30MBHx8Et54OE4U94KQqZqRh4y-rYxbthqCTaGhd_bObflc4_PxYUrguTL2thGaeCgNJDX_sI0F0cjEeuWuWbP9cY8NeSaTtAfM3r80JfN5qDNQfGGk8sJj5FKKhDx18wMJGT32Ze_iT1B3YQ0XiHF4gDtbx4Pijp5ETwTZA159NtasYgE3V6vsk5ysMjKzhr-beFTutCwnlckyKOnyFfrKAZVhdmjIfaQuMhgteH61Xn0ZqZceB5EGefSSqFZWPOkzo2rdlho7lqOGBAIgqLonoofwATbv9n4swOSBQQIBBgBkgUECAUYBKAGUYAHgJ6VgAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCK6NsF0ggJCIDhgBAQARgfgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTgxOTIxMjIxNTkyODg4MTIYAA&sigh=FwuP3frmic4&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Jun 2022 07:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 4455 6 KB
672 B 66ms
66ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 06:58:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 07:19:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 4455 2 KB
904 B 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:16:04 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame 4455 21 KB
9 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8701
x-xss-protection: 0
server: cafe
etag: 7038200677561849530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:16:54 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 4455 3 KB
1 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 06:41:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4455 138 KB
42 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 07:19:24 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 4455 17 KB
7 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 07:15:10 GMT

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 4455 31 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 20:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 20:03:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7357 143 B
163 B 55ms
54ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 06:46:02 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F0C8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aed7fc92b9ddddd951f9af49f16260bf23f8520479dc158aa464d3bdb2065290

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 398D 36 KB
14 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8192122159288812&output=html&h=600&slotname=5703986010&adk=167851166&adf=1455669288&pi=t.ma~as.5703986010&w=180&fwrn=4&fwrnh=100&lmt=1654672763&rafmt=1&psa=0&format=180x600&url=https%3A%2F%2F1504.kr.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654672763484&bpp=2&bdt=503&idt=222&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C200x200&nras=1&correlator=4445414407493&frm=20&pv=1&ga_vid=1699679587.1654672764&ga_sid=1654672764&ga_hid=916949819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=12&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067527&oid=2&pvsid=4461142952613967&pem=279&tmod=1561048612&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nK4L3FkOk5&p=https%3A//1504.kr.ua&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 19:23:48 GMT

GET
H3 200 AdobeStock_463593159_geaen_runtergerechnet_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 00D4 236 KB
236 KB 56ms
56ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/AdobeStock_463593159_geaen_runtergerechnet_1.png

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323724aeb4f37a069592dd81fc1e9ddea4d014539f03166932eb137fb8225d13

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 1132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241843
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:00:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:00:32 GMT

GET
H3 200 Unbenannt-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 00D4 3 KB
3 KB 54ms
54ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Unbenannt-1.png

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dfd14ae6097102cacd31ba68b725c255f65a5abefc6e45c60cfa58298f78030

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2794
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:08:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:08:47 GMT

GET
H3 200 Logo_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 00D4 8 KB
8 KB 66ms
64ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Logo_1.png

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

322a846d0f85ccde422c5c83bc9bc907a475815460f2fa75c1289bfdc629524c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8301
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:08:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:08:47 GMT

GET
H3 200 Unbenannt-1_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 00D4 20 KB
20 KB 68ms
67ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Unbenannt-1_2.png

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516204e9e22bbbd7227f026efaea823f0f0a5f7208a5b3c54e1d94a755bae755

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 1132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20319
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:00:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:00:32 GMT

GET
H3 200 AdobeStock_463593159_geaen_runtergerechnet_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 4997 236 KB
236 KB 73ms
73ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/AdobeStock_463593159_geaen_runtergerechnet_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323724aeb4f37a069592dd81fc1e9ddea4d014539f03166932eb137fb8225d13

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 1132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241843
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:00:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:00:32 GMT

GET
H3 200 Unbenannt-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 4997 3 KB
3 KB 98ms
97ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Unbenannt-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dfd14ae6097102cacd31ba68b725c255f65a5abefc6e45c60cfa58298f78030

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2794
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:08:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:08:47 GMT

GET
H3 200 Logo_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 4997 8 KB
8 KB 104ms
104ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Logo_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

322a846d0f85ccde422c5c83bc9bc907a475815460f2fa75c1289bfdc629524c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8301
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:08:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:08:47 GMT

GET
H3 200 Unbenannt-1_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 4997 20 KB
20 KB 105ms
105ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Unbenannt-1_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516204e9e22bbbd7227f026efaea823f0f0a5f7208a5b3c54e1d94a755bae755

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 1132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20319
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 08 Jun 2022 07:00:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:00:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7357
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

112ms
111ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 07:19:25 GMT
expires: Wed, 08 Jun 2022 07:19:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 07:19:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame E828 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 19:23:48 GMT

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 59D3 36 KB
14 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: 1504.kr.ua
URL: https://1504.kr.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 19:23:48 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 0219
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=489617412668468.819041981191549&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.819041981191549&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0...

49 B
602 B

101ms
101ms

Image
image/gif

185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.819041981191549&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 2
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Wed, 08 Jun 2022 07:19:25 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.819041981191549&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 0219
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=489617412668468.680095233019047&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.680095233019047&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0...

49 B
602 B

109ms
109ms

Image
image/gif

185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.680095233019047&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 07:19:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Wed, 08 Jun 2022 07:19:25 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=489617412668468.680095233019047&a=77&e=8AB803C17B4DA0625F00F9290204BEBE&pref=https%3A%2F%2F1504.kr.ua%2F&c=ss:77.up:8AB803C17B4DA0625F00F9290204BEBE.sync:up.xdua:duTYsY4HBJROp_ZeDXBzd05o.xps:xpsa5Ce9vpK_fVKVde0pgI7n6.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 1
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2B0 42 B
64 B 197ms
88ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQYi_EX-t7OSG40Mi7XaGWvDDIrELvK53RD8C38VpC8hK8b6UhvJh8oWqa-BGT1fMXAgWgl1jpyqUH1a6Io9idXQ&sig=Cg0ArKJSzCh4ToZH-GzjEAE&id=lidar2&mcvt=1000&p=0,0,600,180&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=0.86&if=1&vu=1&app=0&itpl=20&adk=167851166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654672763716&rpt=727&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E238 0
127 B 49ms
49ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 07:19:25 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0C8 42 B
64 B 90ms
89ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAYhJA0orOPSIbEkIO1Sdf05_SptZZyjeltLXhvLnqDo5Geg_QzCBxWOnQILK0wFWaWqiI_ma99UYeCHqJXke3t0jE7paqexIBvl0WrXH3jUZr1kSkpBslZxuO&sai=AMfl-YTlmp2acQGc1uoyHn-F1Fq1TMgf7bU2pDjrxg6SsR029pLYfoZUrRx8leOAh2QlvIW_xj4w8EFqDM6n&sig=Cg0ArKJSzGGtq3450t18EAE&id=lidar2&mcvt=1027&p=0,0,124,1005&mtos=101,799,1027,1059,1059&tos=101,698,228,32,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654672764569&rpt=353&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 118ms
117ms Image
image/gif 185.12.125.26
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=1ab2838d-b3ba-47e2-98b0-e02e93cfab30&dp=10&tz=%2B00%3A00&nc=81210891&dT=2022-06-08T07%3A19%3A26.571
Requested by: Host: 1504.kr.ua
URL: https://1504.kr.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.12.125.26 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1504.kr.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:19:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame A001 36 KB
14 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 19:23:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8368 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszqycl4Hq9iAVUn12drBYfrumwrpaPJd_CI5VkrrD39Je1XXta-IZUpH1uYiBwCfHy8Xwjop6Y56p-a_KuVSqrtlEDQGZhp_zZAPdu8aV-lD57Y-O14r6jqpId&sai=AMfl-YRZmO7Wtb55lyMpTsbc6lZOvo-QNC3OYS67loyOzDLMaBFIX9xBpSsc_4p3xqAW04dt4M5HfiOIyKxs&sig=Cg0ArKJSzCq3MBuQIBBMEAE&id=lidar2&mcvt=1000&p=0,0,200,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=22&adk=2627602528&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654672763703&rpt=4027&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8368 0
17 B 256ms
103ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l459fwdn&c=2971087055392&slotId=1485543527696&qqid=CNXjvrKonfgCFVdvwQodo-QMbA&event_name=first_play&asset_bytes=17891&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=6&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&ves=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 07:19:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=8AB803C17B4DA0625F00F9290204BEBE

Domain: r1---sn-4g5lzner.gvt1.com
URL: https://r1---sn-4g5lzner.gvt1.com/videoplayback?id=0120ed60d8846780&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654679964&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=70DF7C8CFBF83EE605CEB5A837181BA286AA8165.5897695679CB4FE80BDD3EA48379F567469633BB&key=cms1&cms_redirect=yes&mh=K8&mip=2a01:4a0:2c::3&mm=28&mn=sn-4g5lzner&ms=nvh&mt=1654671984&mv=u&mvi=1&pl=46

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1504.kr.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: fmcj7u1pjh3eq0g1adu8jjmte7
1504.kr.ua/	1970-01-20 04:21:04	Name: r3992 Value: 1
1504.kr.ua/	1978-01-11 21:31:40	Name: fid Value: 7420f703-4c11-4bc9-8458-7c4a9b9f102c
.acint.net/	1970-01-20 03:37:53	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: wQO4imKgTXsp+QBfvr4EAioDT7BxbKNSbdhXY9mTax9TwXid
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp7v2 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp14v3 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp17 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp32 Value: 1654672763
.acint.net/	1970-01-20 03:39:19	Name: cSyncDp45v3 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp53 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp54v2 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp62 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp67v2 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp68 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp71 Value: 1654672763
.acint.net/	1970-01-20 03:58:02	Name: cSyncDp77 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp84 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp85 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp95v3 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp101 Value: 1654672763
.acint.net/	1970-01-20 03:58:02	Name: cSyncDp104v2 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp107 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp110 Value: 1654672763
.acint.net/	1970-01-20 03:58:02	Name: cSyncDp111v2 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp112v2 Value: 1654672763
.acint.net/	1970-01-20 03:59:28	Name: cSyncDp125v2 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp126 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp127 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp129 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp136v2 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp138 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp144 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp146 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp148 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp149 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp151 Value: 1654672763
.acint.net/	1970-01-20 04:21:04	Name: cSyncDp186 Value: 1654672763
.1504.kr.ua/	1970-01-20 12:59:28	Name: __gads Value: ID=80cae3e537723b6a-22bc84bfaacd00f4:T=1654672763:RT=1654672763:S=ALNI_Ma--efjWzumqyrvZFEkv4MSHczPlQ
.utraff.com/	1970-01-20 04:21:15	Name: preutid Value: 1
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWKgTXsw+wAWWroRAi+RW+zGTSHfkHhH4b7cYRQrhbd7
.betweendigital.com/	1970-01-20 12:23:28	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 12:23:28	Name: tuuid Value: f853dd5f-8405-529f-abb3-8971c913c40a
.betweendigital.com/	1970-01-20 12:23:28	Name: ss Value: 1
.mail.ru/	1970-01-20 12:24:55	Name: VID Value: 0q5jl82SBYIA00000e1GL42A:::0-0-0-7baa63c:CAASEBqT6jZg8NWiDhvHKH_esh4aYL6CyRPtm1wGK_Q3lW63KanQs1nzAhEDZ4xuehSqiHskbqmrFk51WGXAwfo2XBNVuWfJAuP4QaQBNvfwI6lS0GnAZiP0MDBtoFJWvkO9kiztmSzscLjxnq2Eau8Iq9Nvxw
.adhigh.net/	1970-01-20 12:23:28	Name: gi_u Value: usQpLnQSG8Tc.AikABlGBQi6s0g
.betweendigital.com/	1970-01-20 12:23:28	Name: ut Value: YqBNfAACOlCTnQb68lLMUVI1RZuwz9smAeCWGQ==
.upravel.com/	1970-01-20 03:37:52	Name: session_tptc Value: 1654672764202
.adhigh.net/	1970-01-20 12:23:28	Name: sape_sync Value: jJC
.adriver.ru/	1970-01-20 21:09:04	Name: cid Value: AahO7b0SamUt7iWo_b-AsSw
.1dmp.io/	1970-01-20 12:23:28	Name: uid Value: 52d7d8e2-e6fb-11ec-8677-901b0e934d81
.upravel.com/	1970-01-23 19:13:52	Name: user_id Value: 9183367c-f113-426a-b60f-673aa5fabfb1
.rutarget.ru/	1970-01-20 07:57:04	Name: userId Value: Pny_M1FGJxDA
.doubleclick.net/	1970-01-20 12:59:28	Name: IDE Value: AHWqTUmUqXn6BVoa-lIihDBlKbjtc5I_FjlnTtTqssuM7ZclojBPPRJBUibHVYcjFKg
.doubleclick.net/	1970-01-20 03:37:56	Name: DSID Value: NO_DATA
.mts.ru/	1970-01-20 12:10:31	Name: dspid Value: fa0d175f-407a-406e-bf5a-a901e4bbe8f4
ssp.bidvol.com/	1970-02-14 00:09:16	Name: bvuid Value: i159yfk7xo
.ops.beeline.ru/	1970-01-20 12:10:31	Name: BeeAID Value: 3811a0e4-fde0-464a-ad5e-7516a98fc80b
.rktch.com/	1970-01-20 04:21:04	Name: b_uid Value: cd855dc54997c831599eaea81c28e4ef9805
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWKgTXxYik2I6npUAg==
.uuidksinc.net/	1970-01-20 12:23:28	Name: jcsuuid Value: HW1ZB3M0c7bdFHOQB7zu
dmp.gotechnology.io/	1969-12-31 23:59:59	Name: chk Value: 1
.weborama.fr/	1970-01-20 13:03:47	Name: AFFICHE_W Value: c5xDKFKEv1xz95
.gotechnology.io/	1970-01-20 16:46:59	Name: pid Value: N2ExNTViYTUyOGUwZGQxMQ
.yandex.ru/	1970-01-23 19:13:52	Name: yuidss Value: 8996532261654672765
.yandex.ru/	1970-01-23 19:13:52	Name: yandexuid Value: 8996532261654672765
.mts.ru/	1970-01-23 18:01:52	Name: mts_id Value: 6909c544-a819-4afe-902d-d919d570e9da
.mts.ru/	1970-01-23 18:01:52	Name: mts_id_last_sync Value: 1654672765
.aidata.io/	1970-01-20 21:09:04	Name: __upin Value: lwW6ksZF8pCUvl+yV+JRkQ
.aidata.io/	1970-01-20 21:09:04	Name: __upints Value: 1654672765
.agency2.ru/	1970-01-20 12:10:31	Name: uuid Value: cca95b35-f626-48d5-a162-fedf319c55f1
x01.aidata.io/	1970-01-20 03:42:11	Name: mts Value: 1
.dmg.digitaltarget.ru/	1970-01-21 05:33:04	Name: viuserid Value: HhWNJ89LB7jNsdk7bXGh
.adsniper.ru/	1970-01-27 10:49:52	Name: uuid3 Value: IiQ1NDBmMWY3YS1lNmZiLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/	1970-01-27 10:49:52	Name: suuid3 Value: IiQ1NDBmMWY3YS1lNmZiLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://1504.kr.ua/ Message: Mixed Content: The page at 'https://1504.kr.ua/' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/mapuid/gonetdspis/N2ExNTViYTUyOGUwZGQxMQ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/-g0XX0B6QG6_WqkB5Lvo9A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=4224921108 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8192122159288812&fa=1&ifi=8&uci=a!8&btvi=3&xpc=UjF8osrFnY&p=https%3A//1504.kr.ua Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1504.kr.ua
8ab803c17b4da0625f00f9290204bebe-sp.ops.beeline.ru
9183367c-f113-426a-b60f-673aa5fabfb1.sync.upravel.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
cat.nl.eu.criteo.com
cdn-rtb.sape.ru
cm.g.doubleclick.net
coml.be
connect.facebook.net
cs.agency2.ru
csi.gstatic.com
csm.eu.criteo.net
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.new-programmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.konnektu.ru
px.adhigh.net
r1---sn-4g5lzner.gvt1.com
redirect.frontend.weborama.fr
rtb.fr.eu.criteo.com
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
secure-gl.imrworldwide.com
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
static.criteo.net
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
ajax.googleapis.com
r1---sn-4g5lzner.gvt1.com
s3.advarkads.com
109.248.237.37
130.193.58.13
138.201.65.66
142.132.209.136
142.250.185.130
157.90.6.171
168.119.8.212
176.122.21.139
178.170.196.9
178.250.2.135
178.250.2.148
178.250.2.150
185.12.125.26
185.147.80.35
185.15.175.134
188.42.191.196
194.190.117.94
194.190.76.38
213.87.44.187
217.65.2.150
217.66.147.170
23.111.107.44
2600:9000:2127:4600:1e:a43d:b640:93a1
2606:4700:3033::ac43:d997
2a00:1148:db00::17
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4006:810::2003
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:6b8::90
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
31.172.81.158
31.172.81.159
31.220.27.155
31.41.216.91
35.190.24.218
37.18.103.21
37.9.245.57
65.108.1.48
78.46.100.125
78.46.16.13
81.222.128.13
81.222.128.215
88.198.16.238
89.108.120.76
89.108.97.2
89.38.97.71
93.95.102.105
95.181.171.233
95.211.66.35
0353842c6ea08bd85487c710a18be735b01a8bef461cb339b522cdd3b27998e4
0820da4d9cdaa52b00758354b4429c42902356fc7f28b0759595927cb3f68fdd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0f6130c95d6d2edace823eb58839a964b5c268e28872f0bebea7405a1cef8607
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114bf4c1b45c9425c74314f034e1e1f1ccda74f13a3febfeeb1a5e60fb7d0604
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e66fafc9cf5522875e9ea41884cbe27b56c4a5eb84d90ab0f131e50a64f66b0
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
22b96adb990ef6f1e2e417254e51fe341b2e22fe663a73efe05452f17f3a567f
22c8728d566763a64d50a672a2c504875bc39ebba29713ecd97332ca6bf163bf
27410d49020a061b06d17ede9b0f749f49610fa19ee823ec6f8ad25b363928b0
28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0
2966fd929f6ef5ac5b30eb42f2eff08724c7f2a0b7a653dea0aa0d6995d6ab85
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
31eb2c04c7e20f2819979bd5ebdbce0cd39e95d2dcc76e01a9dec29304e76d54
322a846d0f85ccde422c5c83bc9bc907a475815460f2fa75c1289bfdc629524c
323724aeb4f37a069592dd81fc1e9ddea4d014539f03166932eb137fb8225d13
3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41ea673bc703729530e41523e65a361de0e42ddb9b9d321e9c385ee7b42443e3
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47bd6936d7dcfa77bf059cce7799ce76da05e2a84f7f0bc226c8b2fddcc8e87d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a87cc0b95e738db19188a3ccdb1ffa1d502f4b8efa8b6c9e0f7addb60381434
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
51008f6836298391dae574259793c921dc3f36150fddec673c9e7a931a7f7ee6
514c5f71c8fcf3d04e8a8aef4305aa3381734b6c94ca950888a3bf4e5b59ec9c
516204e9e22bbbd7227f026efaea823f0f0a5f7208a5b3c54e1d94a755bae755
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5a825847149e7cb04de032d196799a342152c7723173b7ca171cac0e0668f827
5bb8fdfca6102ba4fe0df3152b02f35d9b66aaef0acb3aa31915ba94ac9603fb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
5f6f9ddea33f1891af549b1c9593c1ca8ce9cc279d2d3ba3ba7cbbb8b7e13c0a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
64dc5ddca01dda3021ca807586bc2ffbb488804fd307fca568a753f867d3979e
6775c8bcb1243feeedc7d31e46cade34eb3e5da2ad56fd2a3070d1519aff6b87
6884435e89015330243b53d784097bda1b00e46452afaf7518811d0ea5173c01
6dfd14ae6097102cacd31ba68b725c255f65a5abefc6e45c60cfa58298f78030
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7687082a383efb915be0c1df9c04a4b382f8ae9fd08c1188e4bb104f98cea06c
78c1964c02623eed7b7dab29833b8d0be9d265c101bcff9d0041fd06b9245fb7
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
824fc3a008150f4288e84ffd6b71ba24c873dca39b3e18763af5480382a0b05a
82d3774bbe8751e40e2fb43c5a2edbb960afc197c85b873692754aed177686a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
887ca61c30596a0fbf9e94c67162330cb9161a8f03d8d93718313c0ed02ffafb
891ae673331445e00149d031d499370d254465c5d1e67de1a5f624df4ddcbb6a
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9148f204dcfa21391c76386282277d8687657eddec46eb17261e188a0ec55016
91cb98a7e7a13fc8a31c0a6bfb3b05d4b7bf43aa02d711479e2d3ebb0fd3e460
98a76848c409a5cebdb4ea2e96d6294b8cc8669d75a3608ee3237b789ab2d010
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f4a21662148622476fae9787851bd90bf702d7944577d7b22fb05e4b5f6dd3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a83e8d32917c78553a8211a498a7b1aa32e115632abe78bb292ec11d06b58380
abba1c5898d239f34aabfcac1c615582707e49759f2d78f9d69cae821b6b50df
acb7913f5cf89043c299832687a8937f81dda3dca484941a2ef75aa487fa2485
aed7fc92b9ddddd951f9af49f16260bf23f8520479dc158aa464d3bdb2065290
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f1fd543e14c5e19e810309bcbfd30a35c551d3b6bb0acc4cf642d00c1fdb16
bc57e1f0a3ce81c4c49590eb31c498c1f9444fd5cd536b788efa8ed0eac71016
c0d424e5835307005505af235beef35922706fe9609cf1268e037c0ffdc6f81f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172
c9ff4ded4918c8f230ce2cbbb748b65b27d54ca14b9b857278d1b4b6a8a119d7
cb45c35c3e4ca6691ff526ff91925cbfa14bdbe1a6e2c49c33efa555f004462f
cc465b60cc1f17bd9d75c2b8b0f8424d87b89abb8804229f5b5373c33d8f04e0
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d010b8a3994cd090b0018452ea54e9a6e8e555d1468ca54eb88788080d452c8a
d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0
d2ee566a19b2516482a9b94a99e6b3fec4389b30f7b356a44e0c21aae6f52583
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
d6fdb52b7bd33ce40d1a2cb898d33b1f3745a4da80524e00c0db29ab790e021f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d81924fa3f2747dc15aae9c4cc7ff4749e218ba239747782f26e8eeeebcdfc66
dc948b0fa40e7f9c846107553aa5578ca1ff73d3d3498c6581b038c3cb72e5ef
de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778
df8a117309d30c94effb77c809817e39147f8b8563c3c86a0bf5f3852dd5ae64
dfa1933953767fc53aff3ab036d0e7c5127be7d13eba7895432c2ecab5be64ff
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e641293ff2d0dd37fa9ea4b61de61eeb4b3fd0834dd43a9f2efab7303e98afd2
e6f4540dafb440535b93a2f445526514e421cff4c9ca6ead9aa31745a6555e5e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
fb39891f31b20f7e1e891fe757be8797a01b4ee34dcc2b8ea814dd60a08b0ac7
fd46e9bd1e8a058e67d9424231ed756728c0f4a5650dcbe25eb16e89bc8adb65
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

1504.kr.ua Open in urlscan Pro 31.41.216.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

198 Requests

86 %HTTPS

35 %IPv6

51 Domains

67 Subdomains

44 IPs

9 Countries

2443 kBTransfer

5340 kBSize

75 Cookies

2 Outgoing links

Page URL History

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1504.kr.ua Open in urlscan Pro
31.41.216.91 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

86 %
HTTPS

35 %
IPv6

51
Domains

67
Subdomains

44
IPs

9
Countries

2443 kB
Transfer

5340 kB
Size

75
Cookies

198 HTTP transactions
9 data transactions