www.pravda.com.ua Open in urlscan Pro
107.178.251.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mlsend2.com/link/c/YT0yMDcwMzk5MjIxOTA2ODAyNDU5JmM9ZDNsNiZlPTE4MDIyMyZiPTEwMzQwODM2ODkmZD12NXU1YzJj.WHWGEaCj...
Effective URL:
https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Submission: On October 27 via api (October 27th 2022, 1:41:10 pm UTC) from PL — Scanned from DE

Summary HTTP 191 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 65 IPs in 14 countries across 51 domains to perform 191 HTTP transactions. The main IP is 107.178.251.122, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.pravda.com.ua. The Cisco Umbrella rank of the primary domain is 42970.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on July 14th 2022. Valid for: a year.

This is the only time www.pravda.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:51bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	107.178.251.122 107.178.251.122	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
3	34.111.239.200 34.111.239.200	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.93.164.116 142.93.164.116	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	95.216.24.150 95.216.24.150	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 7	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
1	3.122.77.49 3.122.77.49	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10 27	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
6 13	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 3	2a05:d018:d29... 2a05:d018:d29:3601:2eb1:fd74:c477:e429	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4 4	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	18.196.93.7 18.196.93.7	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	88.221.168.189 88.221.168.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.13.76 104.18.13.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	3.127.121.199 3.127.121.199	16509 (AMAZON-02) (AMAZON-02)
2 2	176.34.247.153 176.34.247.153	16509 (AMAZON-02) (AMAZON-02)
1 2	52.19.103.22 52.19.103.22	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.94.220.185 52.94.220.185	16509 (AMAZON-02) (AMAZON-02)
191	65

1 2606:4700:20::ac43:51bf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.mlsend2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 107.178.251.122 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 122.251.178.107.bc.googleusercontent.com

www.pravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.239.200 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 200.239.111.34.bc.googleusercontent.com

img.pravda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.164.116 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.24.150 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.77.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-77-49.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.181.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:2eb1:fd74:c477:e429 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.28 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.93.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-93-7.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-189.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.151.131 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.121.199 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-121-199.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.247.153 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-247-153.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.103.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-103-22.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.220.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	201 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	246 KB
19	pravda.com.ua www.pravda.com.ua — Cisco Umbrella Rank: 42970	283 KB
16	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 519 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439 dsum.casalemedia.com — Cisco Umbrella Rank: 1311	12 KB
14	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 492 pixel.rubiconproject.com — Cisco Umbrella Rank: 347 eus.rubiconproject.com — Cisco Umbrella Rank: 596 token.rubiconproject.com — Cisco Umbrella Rank: 682	16 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com — Cisco Umbrella Rank: 618 secure.adnxs.com — Cisco Umbrella Rank: 438	30 KB
8	amazon-adsystem.com 5 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205	6 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	2 KB
6	yahoo.com 2 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1155 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	109 KB
5	adform.net 4 redirects adx.adform.net — Cisco Umbrella Rank: 3993 c1.adform.net — Cisco Umbrella Rank: 627	3 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 54979 ls.hit.gemius.pl — Cisco Umbrella Rank: 12601	20 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	64 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	2 KB
4	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 585 eb2.3lift.com — Cisco Umbrella Rank: 373	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 763 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	7 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 99552	191 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	219 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 731 syndication.twitter.com — Cisco Umbrella Rank: 1061	133 KB
3	pravda.com img.pravda.com — Cisco Umbrella Rank: 105492	249 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	120 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 35095	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608 cdn.indexww.com — Cisco Umbrella Rank: 1375	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 777	486 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 765	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 766 r.turn.com — Cisco Umbrella Rank: 3362	869 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4553	647 B
2	gstatic.com fonts.gstatic.com	32 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	166 KB
2	usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog	7 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	58 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 599	753 B
2	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2396	1014 B
2	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16335 tt.onthe.io — Cisco Umbrella Rank: 13423	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	89 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 375	709 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 6700	419 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 40043	606 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	862 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2865	104 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6449	288 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 8894	449 B
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 56856
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	17 KB
1	mlsend2.com 1 redirects click.mlsend2.com — Cisco Umbrella Rank: 111608	443 B
191	51

	Domain	Requested by
27	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
19	www.pravda.com.ua	www.pravda.com.ua
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.pravda.com.ua b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog www.googletagservices.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.pravda.com.ua b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
7	ib.adnxs.com	2 redirects cdn.membrana.media googleads.g.doubleclick.net acdn.adnxs.com
6	www.google.com	www.pravda.com.ua tpc.googlesyndication.com b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	pixel.rubiconproject.com	3 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	c1.adform.net	4 redirects
4	googleads4.g.doubleclick.net	www.pravda.com.ua
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.pravda.com.ua
4	gaua.hit.gemius.pl	1 redirects www.pravda.com.ua gaua.hit.gemius.pl
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.membrana.media	www.pravda.com.ua cdn.membrana.media
4	www.googletagmanager.com	www.pravda.com.ua www.googletagmanager.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	x.bidswitch.net	3 redirects
3	eb2.3lift.com	2 redirects cdn.membrana.media
3	pr-bh.ybp.yahoo.com	2 redirects ssum-sec.casalemedia.com
3	c2shb.ssp.yahoo.com	cdn.membrana.media
3	fastlane.rubiconproject.com	cdn.membrana.media
3	www.facebook.com	www.pravda.com.ua connect.facebook.net
3	googleads.g.doubleclick.net	www.googleadservices.com b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
3	img.pravda.com	www.pravda.com.ua
3	www.googletagservices.com	www.pravda.com.ua b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	r.scoota.co	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	onetag-sys.com	1 redirects 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
2	pm.w55c.net	2 redirects
2	d5p.de17a.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	s0.2mdn.net	b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.google.de	www.pravda.com.ua
2	ap.lijit.com	cdn.membrana.media
2	inv-nets.admixer.net	cdn.membrana.media
2	platform.twitter.com	www.pravda.com.ua platform.twitter.com
2	connect.facebook.net	www.pravda.com.ua connect.facebook.net
1	px.ads.linkedin.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	s.company-target.com	1 redirects
1	js-sec.indexww.com	cdn.membrana.media
1	acdn.adnxs.com	cdn.membrana.media
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	dclk-match.dotomi.com	b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
1	mug.criteo.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog	securepubads.g.doubleclick.net
1	3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	ghb.adtelligent.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	syndication.twitter.com	platform.twitter.com
1	tt.onthe.io	cdn.onthe.io
1	cdn.onthe.io	www.pravda.com.ua
1	www.googleadservices.com	www.pravda.com.ua
1	click.mlsend2.com	1 redirects
191	79

This site contains links to these domains. Also see Links.

Domain
www.epravda.com.ua
life.pravda.com.ua
www.eurointegration.com.ua
blogs.pravda.com.ua
www.istpravda.com.ua
tabloid.pravda.com.ua
bit.ly
t.me
www.pap.pl
twitter.com
www.politico.com
www.patreon.com
www.linkedin.com
www.irf.ua

Subject Issuer	Validity	Valid
*.pravda.com.ua Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
cdn.membrana.media R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.pravda.com Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Frame ID: 4067A352C25C36FA9D00CD99DFC3BDF5
Requests: 80 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.pravda.com.ua
Frame ID: 8FF2D8653200B528B30ED8BAB4B5C73A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/comments.php?app_id=177855928894402&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19d4060599a5a%26domain%3Dwww.pravda.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.pravda.com.ua%252Ff11fdc1559a290c%26relation%3Dparent.parent&container_width=39&count=true&height=100&href=https%3A%2F%2Fwww.pravda.com.ua%2Fnews%2F2022%2F10%2F17%2F7372356%2F&locale=en_US&sdk=joey&version=v12.0&width=550
Frame ID: 45527BCECF636DE75BFC8D62AC2971CA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/comments.php?app_id=177855928894402&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1bc62cc6dab58%26domain%3Dwww.pravda.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.pravda.com.ua%252Ff11fdc1559a290c%26relation%3Dparent.parent&container_width=690&height=100&href=https%3A%2F%2Fwww.pravda.com.ua%2Fnews%2F2022%2F10%2F17%2F7372356%2F&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=
Frame ID: 85720CBCB4D8B81D99F972F83DFAAFD0
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: D0884CB4D2CFC14A1ED5C35EC6E30DE9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7BCFEF84541C12CA26F72DF14DF7D305
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11EA7C4305B1925B75EA5CE54C46B5A8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pravda.com.ua
Frame ID: 1E0D0BD8EE72D68F2C06850E0E320342
Requests: 2 HTTP requests in this frame

Frame: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Frame ID: 6AA71867A3E7A06E997B79B27369167F
Requests: 13 HTTP requests in this frame

Frame: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Frame ID: 9656FE9EDE0D1A8069C615AFD4229B48
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 559E023F66B50CDF125D9C5D5EEBDD17
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOOO69UBMAE&v=APEucNXheu_3oj0ntzOupG2KoMIGLnink3vixNw5y9rRruejLqGl4lUjoy7V59Ofj6qiVpSKZLlrc9JOWN-LZ1NkJLKaBFQntJwzUBMGpnsOTHOCqRMOFTIKxHxFdyiWryQi__uzvcwxMSmEii_2Vb4mnyMzQw1UN4A22udL6sP9XLblF2twT74
Frame ID: A1AC233DC865C6CC17859B4218C57233
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGI_c7NUBMAE&v=APEucNW7OC_SpjyEXEaSZuBOzGV38KNsQuhQcODBo5SexDevoeHsQ3TBUtsCHQJ-mDfRiKDM2EXnL7iDFXfYDqCn9_Vmeyo5jsZ-xieD1k3J_KYf6afs2_0H4sepXLuJlWjtjiASy0EOiOo4LPAngYTXrq0ChtpbzYaAtuSrRAt6e1BKdUQ7GOY
Frame ID: DAA28D5D9450A7C4E328D24E2232BDB3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D64598E077B6C58D4627C6EDEBD5D7D0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 544C3976E84EC27C5962B0AD41F221D1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F768FAA6687FB4709BEC5312369E16BB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18AC8C10B7C39FC7D3C010B5527B3BD8
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408038
Frame ID: 9D2B61ED9AE8BAE801145C45EBEE7140
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: AA18FED9F0CCC90523E3064BE713B3D7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 75FBD002788DAEDE6BB6A9AD6203AE65
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 67E7198EF201E5E884AA84CDFFE343E1
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ECEA2FCBD7093361AC5BA20844ECFF96
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4625D667BBED4C447E80AAB620322D91
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

European Parliament to vote on recognising Russia a state sponsor of terror | Ukrainska PravdaUkrainska pravda

Page URL History Show full URLs

https://click.mlsend2.com/link/c/YT0yMDcwMzk5MjIxOTA2ODAyNDU5JmM9ZDNsNiZlPTE4MDIyMyZiPTEwMzQwODM2ODkmZ... HTTP 302
https://www.pravda.com.ua/eng/news/2022/10/17/7372356/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

191
Requests

81 %
HTTPS

42 %
IPv6

51
Domains

79
Subdomains

65
IPs

14
Countries

2292 kB
Transfer

5453 kB
Size

60
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.epravda.com.ua/ukr/
Title: Ekonomichna Pravda (UKR)

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/
Title: Life (UKR)

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/rus/
Title: European Pravda (ENG)

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/rus/
Title: Blogs

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/
Title: Istorichna Pravda (ENG)

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/
Title: Tabloid

Search URL Search Domain Scan URL

URL: https://bit.ly/3zQ9Mfa

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&text=European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/eng/
Title: EUROPEAN PRAVDA

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/10/17/7148862/
Title: European Pravda

Search URL Search Domain Scan URL

URL: https://www.pap.pl/
Title: PAP

Search URL Search Domain Scan URL

URL: https://twitter.com/ecrgroup/status/1582031746115153920
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/eng/interview/2022/09/30/7147819/
Title: interview

Search URL Search Domain Scan URL

URL: https://bit.ly/3MeXvG9
Title: We have launched English Twitter! Follow us!

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/eng/news/2022/08/11/7144827/
Title: declared Russia

Search URL Search Domain Scan URL

URL: https://www.politico.com/news/2022/10/12/pentagon-chief-ukraine-support-00061387
Title: in the coming days

Search URL Search Domain Scan URL

URL: https://www.patreon.com/pravdaua
Title: our patron

Search URL Search Domain Scan URL

URL: https://twitter.com/UkrPravda_news

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/8178990/

Search URL Search Domain Scan URL

URL: https://www.irf.ua/en/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mlsend2.com/link/c/YT0yMDcwMzk5MjIxOTA2ODAyNDU5JmM9ZDNsNiZlPTE4MDIyMyZiPTEwMzQwODM2ODkmZD12NXU1YzJj.WHWGEaCjtW6p14nW205aslmswEyB0hb-HUh_zxeDmMI HTTP 302
https://www.pravda.com.ua/eng/news/2022/10/17/7372356/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://gaua.hit.gemius.pl/_1666878065153/rexdot.js?l=100&sendf=8&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=fhy3Ann0xws9xHvMrHAFNUIgzAW3fRBlRbRv9faMNCr.y7DNUq7m8OBbTFbm9SbBePbgxxIKyLxF0PvqKQx6pLmLLLtx/TcQtZbp2p90eR/&ltime=236&fpdata=B2Bwhxi99tqFuHs48rIDRj0YdQPbubUqUeOHIn3L6GP.47&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1666878065153/rexdot.js?l=100&sendf=8&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=fhy3Ann0xws9xHvMrHAFNUIgzAW3fRBlRbRv9faMNCr.y7DNUq7m8OBbTFbm9SbBePbgxxIKyLxF0PvqKQx6pLmLLLtx/TcQtZbp2p90eR/&ltime=236&fpdata=B2Bwhxi99tqFuHs48rIDRj0YdQPbubUqUeOHIn3L6GP.47&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

Request Chain 105

https://gum.criteo.com/sid/json?origin=publishertag&domain=pravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.pravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=sHSornxnMjk5Tmk4d3FURmhXelRwSHVEZ2c1ckQ4aVNScVJQZG9jbStmTzVCMHlIRmN2YVVNeE95SFVWcGx1aFpUTjFvajR5cTUrOE55ditFSVZMbEF5S0dFWDlPeEs4bVRGVEpnR0tQb2xoZUZ5UHZUa1N5T2FCMjlJQlJpaTFXTUhJcFJ2L25mdE5iYUlNeVJBdHRLVXViODhNNnNrRjRXNVBKM1hDTU1GY2dHdC96elJvZ3V3Qk1wTXp5UUxmdy9GQWpHbW9RZW8xSk5KeSt4bWcwV24vck1HbTkzWFdiOExuV20xSzlkNnNndUNKY21kTUdNRHoxSTVVZmV5NlFlQ0xvc2NvSVpnSE9VZTBrL0prcjhIMzljUT09fA&cppv=2

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1qKcoDI5NsSU-w0-SDCYQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1

Request Chain 142

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1qKcoDI5NsSU-w0-SDCYQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1

Request Chain 144

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D

Request Chain 148

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIuEL4pSwkTKML8-15zkecY&google_cver=1&google_push=AZmPxg_i6iIbIk44chtmtYoadi892iu_lksiB-qSbUcSnM6xorpf7tYgZ_Bg4ati39v8Py5aSZFmIOo83WKlTIQo9ynCML_95LLH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_i6iIbIk44chtmtYoadi892iu_lksiB-qSbUcSnM6xorpf7tYgZ_Bg4ati39v8Py5aSZFmIOo83WKlTIQo9ynCML_95LLH&google_hm=MjA1NTUzMTA3MzIxNDc4NTc1Nw%3D%3D

Request Chain 149

https://d5p.de17a.com/cookies/google?google_gid=CAESEN4fIJMnc0_bAh-xBSDXMTU&google_cver=1&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7z2EmxcZ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN4fIJMnc0_bAh-xBSDXMTU&google_cver=1&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7z2EmxcZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7z2EmxcZ

Request Chain 150

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZZB6SfyWgd6AIYMxVuQYDgV6c HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZZB6SfyWgd6AIYMxVuQYDgV6c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwMDExNzQyMzg5NzA0NTUwMA&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZZB6SfyWgd6AIYMxVuQYDgV6c

Request Chain 151

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI8o9pzDBfLV2alAok69rfI&google_cver=1&google_push=AZmPxg9Zr-xDR2jTq0-_sIlF4ntf10P03S_eh5akHzygueEqNEsx2F-qpEd4M1NxfVOZ4Fskvkn6C1d69yz5AFvkbQEcveYfhm-a HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI8o9pzDBfLV2alAok69rfI&google_cver=1&google_push=AZmPxg9Zr-xDR2jTq0-_sIlF4ntf10P03S_eh5akHzygueEqNEsx2F-qpEd4M1NxfVOZ4Fskvkn6C1d69yz5AFvkbQEcveYfhm-a&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Yq9-YbTTMyRHUhEWk3Ljw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9Zr-xDR2jTq0-_sIlF4ntf10P03S_eh5akHzygueEqNEsx2F-qpEd4M1NxfVOZ4Fskvkn6C1d69yz5AFvkbQEcveYfhm-a

Request Chain 152

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJARlxm8QvzC24sx1WB2jB0&google_cver=1&google_push=AZmPxg9Ss8F7g7i653-vGf16lU1CmNVnl8s-LDs5j2opb3JTz_9qa_EFTs2FI0hOc8HGE4SuyKggwgffmoXSGlAMePOa8MVTBm5V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY&google_push=AZmPxg9Ss8F7g7i653-vGf16lU1CmNVnl8s-LDs5j2opb3JTz_9qa_EFTs2FI0hOc8HGE4SuyKggwgffmoXSGlAMePOa8MVTBm5V

Request Chain 153

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENUHcpi1sJAaCyCscwLhfdE&google_cver=1&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwBsklEOkHzpZqPcAr9_tMsEPk-bIDeTZMJfbZtO8fnxwE5 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwBsklEOkHzpZqPcAr9_tMsEPk-bIDeTZMJfbZtO8fnxwE5&google_gid=CAESENUHcpi1sJAaCyCscwLhfdE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUwMTEwNjM0NDM2NDU1NzUzMzI2MQ%3D%3D&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwBsklEOkHzpZqPcAr9_tMsEPk-bIDeTZMJfbZtO8fnxwE5

Request Chain 155

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC-5gW3x74mUrf-TrZEW6Ls&google_cver=1&google_push=AZmPxg8nek-9qCcgP7LQq9zwVYNTWKi9EDY87VJr9UGttLg42pJFOT3sbrhV7h1Ln_SWjPGLKStlMI82aFLra5TdOxfHY9adjfJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAxNjQzMzc2NDMyMjc5Mjk0MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC-5gW3x74mUrf-TrZEW6Ls&google_cver=1

Request Chain 156

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&google_cver=1&google_push=AZmPxg_k-ekOetI3yiq5l2g78TDBjY3z7xYYHjc9LHFBb-43MfQgQLoRI3YBYKE1gpvXtbRCnxmkL-i14trt6LODt-QEHnzi8zP3 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&google_cver=1&google_push=AZmPxg_k-ekOetI3yiq5l2g78TDBjY3z7xYYHjc9LHFBb-43MfQgQLoRI3YBYKE1gpvXtbRCnxmkL-i14trt6LODt-QEHnzi8zP3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NXdESDdranExT08zODY1&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&google_cver=1&google_push=AZmPxg_k-ekOetI3yiq5l2g78TDBjY3z7xYYHjc9LHFBb-43MfQgQLoRI3YBYKE1gpvXtbRCnxmkL-i14trt6LODt-QEHnzi8zP3

Request Chain 157

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED1LXUy9I6AEXfbLUUg66uw&google_cver=1&google_push=AZmPxg9oYYW4Oh8spqxfcY_fW0W2YMm05FaVK37eiCN6fCcogprTEvB7sl69pb-XnKZBAxukc9GJIzjSOmUOdgRoFxBmOKrPGP_7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oYYW4Oh8spqxfcY_fW0W2YMm05FaVK37eiCN6fCcogprTEvB7sl69pb-XnKZBAxukc9GJIzjSOmUOdgRoFxBmOKrPGP_7

Request Chain 158

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKwwh6EDRml6BX70nKKC1aM&google_cver=1&google_push=AZmPxg_Pf7pXW5JD3VfblSrk_7gGDtMWJ87ArGl2wWksWsksX8xBr-iFPLt9ydqy1J7x_6F-cmTvctMixjtK9cG8-lE7gAtJgmU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_Pf7pXW5JD3VfblSrk_7gGDtMWJ87ArGl2wWksWsksX8xBr-iFPLt9ydqy1J7x_6F-cmTvctMixjtK9cG8-lE7gAtJgmU&google_hm=T-A3GB1-RVChs7itM6BSe_Y

Request Chain 159

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxupJmDCPeY7_L0Yi4RNFwKTZPllH HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxupJmDCPeY7_L0Yi4RNFwKTZPllH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjg5NjMzMjg3OTc0OTc5Nw&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxupJmDCPeY7_L0Yi4RNFwKTZPllH

Request Chain 160

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI8o9pzDBfLV2alAok69rfI&google_cver=1&google_push=AZmPxg90bZz-udshyfvRKG6R366qIT_85d5AK8kgs17w0hke4n__tazVmsNnGw3XusbZ8YiN5PStziBtsTr3pH-DEeHpkz97vYtU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI8o9pzDBfLV2alAok69rfI&google_cver=1&google_push=AZmPxg90bZz-udshyfvRKG6R366qIT_85d5AK8kgs17w0hke4n__tazVmsNnGw3XusbZ8YiN5PStziBtsTr3pH-DEeHpkz97vYtU&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NEr-Olv-TEqw_zsYiHLSUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg90bZz-udshyfvRKG6R366qIT_85d5AK8kgs17w0hke4n__tazVmsNnGw3XusbZ8YiN5PStziBtsTr3pH-DEeHpkz97vYtU

Request Chain 161

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKJ5cpCXI5xg4rYOWjVp5E4&google_cver=1&google_push=AZmPxg_SNUEQoA5kAcZUoncey34DOrh1mv9hoNWQ6ntjBMH_h4WEXpNG_7jZBhtK6jwpDsrjOjm3r5uL0j_6wsfv4je1oBDNYKqc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_SNUEQoA5kAcZUoncey34DOrh1mv9hoNWQ6ntjBMH_h4WEXpNG_7jZBhtK6jwpDsrjOjm3r5uL0j_6wsfv4je1oBDNYKqc HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEChlhIgAZn_aHr-qPCu8XE4&google_cver=1

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB&dcc=t

Request Chain 180

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682602868&external_user_id=9a1348cd-c699-4377-a3ee-a1790b1d0c82

Request Chain 181

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=c31aa669-9806-4071-b1b9-017538bc6e40&ssp=index HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=59688bf4-b039-46ee-8342-948fc13ed8c5

Request Chain 182

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1qKcoDI5NsSU-w0-SDCYQAA%262200?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1qKcoDI5NsSU-w0-SDCYQAA%262200

Request Chain 183

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1928453349885771439

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENpEXuzrKS3uyw1yVhnwFik&google_cver=1

Request Chain 187

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R45UFH-J-KUDX

Request Chain 188

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWYwODBmODdhNjk3ZTMyYzc0ZmIxZjdlZDliYmQzOGRhNGM3NTA0MQ

Request Chain 189

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/DLiA1d62cxGsaXAom9DWEA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2055531073214785757

Request Chain 190

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY

Request Chain 191

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IDE1xH_9SK2J_qLOi_cY8A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IDE1xH_9SK2J_qLOi_cY8A

Request Chain 192

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WMUfWqTySgSOlpU31RARvw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WMUfWqTySgSOlpU31RARvw

191 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pravda.com.ua/eng/news/2022/10/17/7372356/
Redirect Chain

https://click.mlsend2.com/link/c/YT0yMDcwMzk5MjIxOTA2ODAyNDU5JmM9ZDNsNiZlPTE4MDIyMyZiPTEwMzQwODM2ODkmZD12NXU1YzJj.WHWGEaCjtW6p14nW205aslmswEyB0hb-HUh_zxeDmMI
https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

62 KB
15 KB

81ms
42ms

Document
text/html

107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

55c1d8ef0c9db66267049d798caacdcaf3d77dd792f3d77eee2ea2fed280eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform,public,max-age=86400
content-encoding: br
content-type: text/html; charset=windows-1251
date: Thu, 27 Oct 2022 13:41:04 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 760bd8dd4b245c7a-FRA
date: Thu, 27 Oct 2022 13:41:04 GMT
location: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmLUJBmWPxsDQ4mF5OKFVAvhtrwGswirYKrNS0gCecGOxGZ62rXAJsccB%2FhFV0DL4ytNKzTPJc4SBwfetVDTXl9cOWq9z4lkh7eg1Yj75Wm49w91n36MxRN4%2BuAX8ClCkV9jPQoEixoapeyHYSb2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 firasans-extrabold-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 63 KB
63 KB 25ms
24ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-extrabold-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

92549177c6b52fe203008ae2a7f01889cfebc82776e49191b2c00f9b9586512f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Origin: https://www.pravda.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 382721
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64908

GET
H2 200 firasans-regular-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 63 KB
63 KB 48ms
46ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-regular-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

5bcf40695e94fad0412955244b79a9de0b41c7d8f94f7b95aa53013f4e6f8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Origin: https://www.pravda.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 382721
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64680

GET
H2 200 firasans-bold-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 64 KB
64 KB 44ms
42ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-bold-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

9958a7c3cb56f185c0fe4948bb019b25882a3ca1a07588515f3ebe10e9800718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Origin: https://www.pravda.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 382721
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65148

GET
H2 200 index.css
www.pravda.com.ua/misc/v6/ 177 KB
22 KB 19ms
18ms Stylesheet
text/css 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/index.css?30
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: d9a451318712c6e19ce05c78c0992488d7acd3cc6a25d41fec95658f35f31dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:25:42 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Oct 2022 18:40:24 GMT
server: nginx
age: 148522
etag: W/"6345b898-2c5ca"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22201

GET
H2 200 jquery-1.12.4.min.js Show response
www.pravda.com.ua/misc/v6/ 95 KB
32 KB 36ms
35ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/jquery-1.12.4.min.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 06:26:34 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 17 Feb 2020 12:57:31 GMT
server: nginx
age: 371670
etag: W/"5e4a8dbb-17b8b"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32724

GET
H2 200 sticky-kit.js Show response
www.pravda.com.ua/misc/v6/ 8 KB
2 KB 61ms
60ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/sticky-kit.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d4cd515598b21cd963f20e9d7179924828fcb1d60c541dfbbe859bcaba3438c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 09:07:49 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 21 Mar 2017 03:30:03 GMT
server: nginx
age: 361995
etag: W/"58d09e3b-218d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1942

GET
H2 200 common.js Show response
www.pravda.com.ua/misc/v6/ 7 KB
1 KB 60ms
59ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/common.js?8
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e8b42424702c9f88381d064985b720e2da085b15d7f4f3c2dee3a221859453a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 18:33:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 17 Jan 2022 13:47:05 GMT
server: nginx
age: 328075
etag: W/"61e57359-1a94"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1413

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 82ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b4ad60c6d9c42d733aefbdddc3265363ae13d49e5e9bae6dc3326b1f53099b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43564
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 99ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5696f49866f8b8b992cc17fa5648557237c3f6495096f6b516967052748c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27375
x-xss-protection: 0
server: sffe
etag: "1375 / 414 of 1000 / last-modified: 1666868841"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/upr/ 380 KB
117 KB 136ms
33ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/upr/ym.js?v=4
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 7a5855328aef8d1bb5d7e11e052c73f5724da0297152f38174262eaaac71eeb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-197
cdn-cachedat: 10/25/2022 12:19:58
cdn-pullzone: 139012
last-modified: Tue, 25 Oct 2022 12:19:52 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 252
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6357d468-5ee4c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 500ff2723cf4a543ebb3e2b8d3507f94
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 d7520c7-p451m-original.png
img.pravda.com/images/doc/d/7/ 79 KB
79 KB 73ms
16ms Image
image/png 34.111.239.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/d/7/d7520c7-p451m-original.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5833296d297e3611ee9e4c99818ae8c389c86a88593d15d875b964a69274a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Aug 2022 14:10:31 GMT
server: nginx
date: Tue, 11 Oct 2022 12:14:04 GMT
age: 1387620
etag: "62f50dd7-13a64"
content-type: image/png
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80484
x-xss-protection: 1; mode=block

GET
H2 200 700343e-p434-original.png
img.pravda.com/images/doc/7/0/ 161 KB
161 KB 99ms
43ms Image
image/png 34.111.239.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/7/0/700343e-p434-original.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

92b627801b17a9f10844ee322484af4928604a030fd390d2fd101bc510358b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Aug 2022 14:08:48 GMT
server: nginx
date: Tue, 11 Oct 2022 12:14:04 GMT
age: 1387620
etag: "62f50d70-28377"
content-type: image/png
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164727
x-xss-protection: 1; mode=block

GET
H3 200 ico_eye.svg
www.pravda.com.ua/images/v6/ 3 KB
524 B 28ms
24ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_eye.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

0c129e0b70d74ce64c54acd41c21d459255a6e4e4b2c00060498544396428852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 10:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 528080
etag: "5eb275c8-1f6"
last-modified: Wed, 06 May 2020 08:31:04 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 502

GET
H3 200 ico_fb.svg
www.pravda.com.ua/images/v6/ 866 B
503 B 37ms
32ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_fb.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

abf05ebbb8e5196c4a679f7325f411a8e0d9fb2548f7843ddc290b526a8480ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 524734
etag: "5eb275c8-1e1"
last-modified: Wed, 06 May 2020 08:31:04 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=601322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 481

GET
H3 200 ico_twitter.svg
www.pravda.com.ua/images/v6/ 1 KB
690 B 37ms
33ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_twitter.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

9108b6a8643218652575fd3c9a7194c12adee219f201a16b0ddd542616828ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 527996
etag: "5eb275c8-29c"
last-modified: Wed, 06 May 2020 08:31:04 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=604584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 668

GET
H3 200 ico_telegram.svg
www.pravda.com.ua/images/v6/ 872 B
518 B 50ms
46ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_telegram.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

5d34ed9a98202af090ec03a5022c7ba1955cb4a5178607c7095245489265913c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 527893
etag: "5eb275c8-1f0"
last-modified: Wed, 06 May 2020 08:31:04 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=604773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 496

GET
H3 200 ico_comments.svg
www.pravda.com.ua/images/v6/ 3 KB
457 B 50ms
45ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_comments.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

62f81619c81dba785d1cfcaceffc3ad3dac5aca8514beb59e14e29c7254868d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 10:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 528172
etag: "5eb275c8-1b3"
last-modified: Wed, 06 May 2020 08:31:04 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 435

GET
H3 200 ico_patreon.svg
www.pravda.com.ua/images/v6/ 490 B
512 B 46ms
41ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_patreon.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

bee5d8b92d1983ca50233cfea71aed7abcb1512367f254ee1dcae35eb3eb3046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:49:57 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 21 Jun 2022 11:31:09 GMT
server: nginx
age: 525067
etag: "62b1abfd-1ea"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=604789
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 490

GET
H3 200 ico_linkedin.svg
www.pravda.com.ua/images/v6/ 706 B
728 B 44ms
40ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_linkedin.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

29a1a191b3918703a38e5ce9bdae2ed12e62082f45b8e2407eeacc0417df9fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:00:17 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 21 Jun 2022 11:31:09 GMT
server: nginx
age: 528047
etag: "62b1abfd-2c2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=604799
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706

GET
H2 200 9ddb9f7-irf.png
img.pravda.com/images/doc/9/d/ 9 KB
9 KB 69ms
14ms Image
image/png 34.111.239.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/9/d/9ddb9f7-irf.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5384a066982276b144c2b5c5167c0bd12a4193211016c6a540da791eeeb64bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Aug 2022 14:13:49 GMT
server: nginx
date: Tue, 11 Oct 2022 12:15:18 GMT
age: 1387546
etag: "630cc99d-24b0"
content-type: image/png
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9392
x-xss-protection: 1; mode=block

GET
H3 200 interfax.svg
www.pravda.com.ua/misc/eng/ 3 KB
1 KB 38ms
34ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/misc/eng/interfax.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

78a1d946e8b875398db0b0c8a9f441c6051c617f74004bcd285ac974d9eba496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:11 GMT
via: 1.1 google
x-content-type-options: nosniff
content-encoding: br
server: nginx
age: 53
etag: W/"a77-5999883457800"
last-modified: Fri, 13 Dec 2019 16:40:00 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=23
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492

GET
H3 200 quixote.svg
www.pravda.com.ua/misc/eng/ 33 KB
14 KB 37ms
33ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/misc/eng/quixote.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

d2f3faf558484feec3ff7452f12929a750d5568b0c7ded5d4f4d5f9034e1555d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 20:20:09 GMT
via: 1.1 google
x-content-type-options: nosniff
content-encoding: br
server: nginx
last-modified: Fri, 13 Dec 2019 16:40:08 GMT
age: 321655
etag: W/"84af-5999883bf8a00"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=1209600
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14452

GET
H3 200 7372356
www.pravda.com.ua/counter/ 42 B
60 B 51ms
48ms Image
image/gif 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/counter/7372356

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

338aa77590082270f139cb5243d5dbb85989ffaa10b180c6ce8d788f47ee7c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: must-revalidate, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/eng_UK/ 3 KB
2 KB 59ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/eng_UK/sdk.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c18d5459a9936968a8b0e4c7a72ee22c735d7ceae81511a23a2aa96caed0b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 13:41:04 GMT
content-md5: wknVPT6VNT/vqeieoLNqHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: De5A1m4P2HhrsQa50PoeyPVwLPg8PcpuD3DonEGhbDfu4Q8ZWHX7Ue3xWxElWehovEDHl/vTYacI0rLhwbRaNQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: 38679d6c82da5292e346e44ac410bfd9
cross-origin-opener-policy: same-origin-allow-popups
etag: "b0037ac11cd63e9b3fd444b3400687a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 13:45:43 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 68ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 13:41:04 GMT
Content-Encoding: gzip
Age: 741
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29223
x-amzn-internal-status: 304
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/67DF)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 106ms
39ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c75318b7d6abca37817c0d53776bad17c8f6b6181c2fd7b056d768273839933d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16834
x-xss-protection: 0
server: cafe
etag: 11219438536449138901
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H/1.1 200
OK 7LWgKFUpDNmn Show response
cdn.onthe.io/io.js/ 53 KB
17 KB 95ms
22ms Script
text/javascript 142.93.164.116
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/7LWgKFUpDNmn
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.164.116 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 332627bfd8b55370a683a6a4f4be64134a025e55f406dfcb8ca1c675fa3a2eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 13:41:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 13:39:35 GMT
Server: nginx
ETag: W/"63062a17-d26e"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Fri, 28 Oct 2022 13:41:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
58 KB 47ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1887475f57df18fd51f0f3c3e85532d75f47a77764eed287622493839f5c43fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59318
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 21ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=93e34f4c2c450dc79ef0eb0653bbec1e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/eng_UK/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74f7c4be2b6464f5a960eae7f09813fb14c69c4d2ad7b064acf66d6a55aaf450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 13:41:04 GMT
content-md5: 6R8Src35A2iPDPGKV+FhFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88393
x-fb-rlafr: 0
x-fb-debug: 6uYymM9KdUF8hweSGWgFaJ8bCH1JRkIN8VaNDhyHzI+ULrRfTwE9YRKAzCuqGdgxUMd0AdUOmJg0HL+wqJ+Jdw==
x-fb-content-md5: 71f330051aa42ae4d296d3f43495a5d0
cross-origin-opener-policy: same-origin-allow-popups
etag: "a7fc6857f9fb1f7561b5f04998143720"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Oct 2023 10:39:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
15ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 13:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2346
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 27 Oct 2022 15:01:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 60ms
30ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3036fb8ac8370b574d33a303cf33bbe62bdc9be02b6f6a9c510758521669f5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43576
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/871974790/ 2 KB
2 KB 98ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/871974790/?random=1666878064581&cv=9&fst=1666878064581&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&tiba=European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror%20%7C%20Ukrainska%20Pravda&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d203642fd48826c6fa8f9b897a6c7860517b650d5255700f30bcdc6b07325d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 59 KB
16 KB 132ms
37ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 13:21:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15975
expires: Fri, 28 Oct 2022 01:41:04 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 44ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177855928894402&ev=fb_page_view&dl=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&rl=&if=false&ts=1666878064599&sw=1600&sh=1200&at=

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Oct 2022 13:41:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ico_rss.svg
www.pravda.com.ua/images/v6/ 1 KB
560 B 16ms
16ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_rss.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

1c298c32336bc70c78f99c058faca4d3999e04cc91e1d7f114dd3b5c7cf81e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 522873
etag: "5eb275c8-219"
last-modified: Wed, 06 May 2020 08:31:04 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=599787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 537

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 94ms
27ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=45252:pageviews[url:%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F,domain:www.pravda.com.ua,page:European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror,page_type:article,author:TaniaLozovenko,category:No%20Category,language:en,type_article:news,reference_time:83,pub_date:Mon%2C%2017%20Oct%202022%2023%3A42%3A05%20%2B0300,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36,device:desktop,browser_version:Chrome%20106,browser:Chrome,depth:1,user_type:new,user_id:077ed9fc5.19f938b2e_1666878064616,session_id:855a3937b.f0dae6d8f_1666878064628,cdn_version:0]&s=587ca673994803384542e727e488bf24&1666878064634
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/7LWgKFUpDNmn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:04 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 8FF2 320 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.pravda.com.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 615427
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Thu, 27 Oct 2022 13:41:04 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6776)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 comments.php
www.facebook.com/v12.0/plugins/ Frame 4552 0
0 49ms
32ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/comments.php?app_id=177855928894402&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19d4060599a5a%26domain%3Dwww.pravda.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.pravda.com.ua%252Ff11fdc1559a290c%26relation%3Dparent.parent&container_width=39&count=true&height=100&href=https%3A%2F%2Fwww.pravda.com.ua%2Fnews%2F2022%2F10%2F17%2F7372356%2F&locale=en_US&sdk=joey&version=v12.0&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=93e34f4c2c450dc79ef0eb0653bbec1e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Oct 2022 13:41:04 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: ypXIsX1GYTVzlvSH5lRQEPuj5YxDRHlNTlqJXVrdsPNCHm7qruXO+2hwxw0/waQJcFHDNhy93mV+aCV5fAzv3Q==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 comments.php
www.facebook.com/v12.0/plugins/ Frame 8572 0
0 42ms
34ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/comments.php?app_id=177855928894402&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1bc62cc6dab58%26domain%3Dwww.pravda.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.pravda.com.ua%252Ff11fdc1559a290c%26relation%3Dparent.parent&container_width=690&height=100&href=https%3A%2F%2Fwww.pravda.com.ua%2Fnews%2F2022%2F10%2F17%2F7372356%2F&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=93e34f4c2c450dc79ef0eb0653bbec1e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Oct 2022 13:41:04 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: VD0riS9GF+rSM9qGSotjxfI5Bbbd0mOpIV/UB8rtd/+0eWWSmwuF4iB449pARzDhklKb1W4ZOHyZ/sUgWL5GxA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 pubads_impl_2022102401.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 62ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130586
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 08:37:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Oct 2023 12:42:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 298 B
788 B 67ms
22ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pravda.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dc7458475c35c783beb00af4f2d473f15f6e61643494429c3db82b895ec5fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152
x-xss-protection: 0
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 114 KB
44 KB 54ms
23ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-M5KSFRL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

743e33588e78aa207e63850e690cdf2c1da208dbf2d2372abae8fd52515c609c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
75 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MRSXWZPM31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ea9acd126bbd71a7b9386f04dcaac522323120ce4fb46e20375d6a90d26c8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Oct 2022 13:41:04 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8FF2 851 B
677 B 201ms
172ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=00255f1a961887edae33b02789a29d869b938037

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.pravda.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 164
date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 27 Oct 2022 13:41:04 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9932309d8adcd55d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: aa386eb4e07ec0e5af24b47c95f4422fa874b567319bac3887c55b41a01893a7
content-length: 355

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 22ms
21ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=127517392&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&ul=en-us&de=windows-1251&dt=European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror%20%7C%20Ukrainska%20Pravda&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAACAAI~&jid=2102280314&gjid=1971910174&cid=792837501.1666878065&tid=UA-554376-1&_gid=1325648876.1666878065&_r=1&gtm=2ouaq0&z=1444100283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
645 B 173ms
26ms Fetch
text/plain 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
cdn-edgestorageid: 713
cdn-storageserver: DE-165
cdn-cachedat: 10/05/2022 21:08:21
cdn-pullzone: 139012
x-ym-country: DE
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: 7f3530c12f1760105805757ca35d0781
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 136ms
72ms Ping
text/html 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?UPR;desktop;;page_desktop;d80353|6b1ce9
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 227 KB
73 KB 29ms
28ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 5912788717c50fe0b9788091106264b25a70b571b65669acbeb1d798a69887e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-168
cdn-cachedat: 10/26/2022 07:18:38
cdn-pullzone: 139012
last-modified: Wed, 26 Oct 2022 07:13:52 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6358de30-38b5e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 354c836d2bba70ac0dffc32e40a0318d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 179 B
870 B 163ms
26ms XHR
text/plain 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 0dbebe5d44984364b3d7365b8882a3430a0459e880b6b9a73d87ba7ebe6e269c

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-200
cdn-cachedat: 10/27/2022 08:31:08
cdn-pullzone: 139012
last-modified: Thu, 27 Oct 2022 08:30:25 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"635a41a1-b3"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: bbc9caedfc8f1afee21b1c08a7d9ccac
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 15 B
490 B 120ms
48ms XHR
application/json 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0MjM1MTMmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD00MmEzYmY2OS1hMzE1LTRjMTItYWMwNC1kMDAzMjgwMTAxYWI%3D&bWlkPTE0MjM1MTgmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD1mYWYxNDIxYy0xNGMxLTRmNzEtYTc0MS0zYmM0NzdjYTc4NjE%3D&bWlkPTE0MjM1MTQmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD0xYjEzYmEzYS0yZTk4LTQzY2ItOWVmNi00YzFhZGE5YzM1NmQ%3D&pt=gross&stid=4df2c001-d80c-4379-abec-c6187ce02a7f&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.pravda.com.ua
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 309ms
270ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ab6478f2d74c3bc5042f6b021f5452ec079003fb9827867be4fa3aed68fb87ab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 27 Oct 2022 13:41:05 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5fa67031-eb3a-4e44-820a-6ffd21261369
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 85ms
13ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421096&zone_id=2390920&size_id=15&rp_schain=1.0,1!notsy.io,fd182d2f-e98c-448c-be3d-3d292004438e,1,,,&rf=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=42a3bf69-a315-4c12-ac04-d003280101ab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19577252897248743
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 160c3c2a91c2e21458f8b93ba11490e1183723a6b0b50335ce3dbfee67c17fea

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:04 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 97ms
25ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421096&zone_id=2391010&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,fd182d2f-e98c-448c-be3d-3d292004438e,1,,,&rf=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=faf1421c-14c1-4f71-a741-3bc477ca7861&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03415785217686751
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9a3f1b3c20fdd6b0e4b11d007332de7e53da10d49de32b2d6636eea15c962e82

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:04 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 88ms
17ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421096&zone_id=2390938&size_id=16&alt_size_ids=232&rp_schain=1.0,1!notsy.io,fd182d2f-e98c-448c-be3d-3d292004438e,1,,,&rf=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=1b13ba3a-2e98-43cb-9ef6-4c1ada9c356d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.25764852545019346
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 81b580cb47260f35c74c45e4664cb50e5a23262b3fd31d0a38c08ddebaa5b688

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:04 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
290 B 68ms
38ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=831915&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213a4974aa8b181a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22fd182d2f-e98c-448c-be3d-3d292004438e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22141a78d9bc8b47%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221514e46d5417426%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22162c6cd445e0cfc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22600x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A600%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221514e46d5417426%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22162c6cd445e0cfc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22580x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A580%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22162c6cd445e0cfc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1b51ee6c7679c783c7162538cbde74c3ef3d5d2137d33bd6509e5a77c3843d

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 760bd8e1cf815c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 81ms
18ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a00180803c601847b0d179017a&pos=8a9695a00180803c601847bf29ec017c&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 904e187f1eb93c98cdb6dc918ab7d005f6e0802fea2887ca7e6b16e3ff885baa

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
117 B 111ms
48ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a00180803c601847b0d179017a&pos=8a969830018080dbca36dc83309f0009&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 91c232041d94365fb459c01302a7f2a10c8c9c451d2f03219a321c76173d5edb

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
295 B 79ms
16ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a00180803c601847b0d179017a&pos=8a96913f0180803c5bc247c533030183&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ef7e83a9da4f90ca172137518d8314452ec6e29d091b406ad60faa7aa2b9d8fa

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
content-length: 62

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
219 B 57ms
26ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=90395196439

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 575 B
449 B 374ms
298ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8581,8580,8582&sizes=300x250,300x250|300x600,580x400|336x280|600x280&referer=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 06740a581aac9281f5162c117c21d28d249504e6c663b28a1f3b1c93ba54b4f1

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pravda.com.ua
date: Thu, 27 Oct 2022 13:41:05 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
507 B 166ms
115ms XHR
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2219aae5d9-7b49-4ac6-86ef-0bfae6884f28%22},%22cpmAdjustmentCoefficient%22:0.62,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250]]}},%22adUnitCode%22:%22UPR_SBL%22,%22transactionId%22:%2242a3bf69-a315-4c12-ac04-d003280101ab%22,%22sizes%22:[[300,250]],%22bidId%22:%2230073868118d13c%22,%22bidderRequestId%22:%22293ed3578dc934a%22,%22auctionId%22:%224df2c001-d80c-4379-abec-c6187ce02a7f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22168345ce-a342-4b76-b9b3-030057b6d907%22},%22cpmAdjustmentCoefficient%22:0.62,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22UPR_SBR%22,%22transactionId%22:%22faf1421c-14c1-4f71-a741-3bc477ca7861%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%2231d7b8a7dca7096%22,%22bidderRequestId%22:%22293ed3578dc934a%22,%22auctionId%22:%224df2c001-d80c-4379-abec-c6187ce02a7f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2219aae5d9-7b49-4ac6-86ef-0bfae6884f28%22},%22cpmAdjustmentCoefficient%22:0.62,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[580,400],[336,280],[600,280]]}},%22adUnitCode%22:%22UPR_BTA%22,%22transactionId%22:%221b13ba3a-2e98-43cb-9ef6-4c1ada9c356d%22,%22sizes%22:[[580,400],[336,280],[600,280]],%22bidId%22:%2232c8d91030b36f1%22,%22bidderRequestId%22:%22293ed3578dc934a%22,%22auctionId%22:%224df2c001-d80c-4379-abec-c6187ce02a7f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F%22}

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 27 Oct 2022 13:41:05 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 289ms
263ms XHR
application/json 3.122.77.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.77.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-77-49.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
288 B 112ms
20ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 27 Oct 2022 13:41:04 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
507 B 104ms
54ms XHR
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2231e23cc6-22fd-4b15-b2cd-7260ea9463e8%22},%22cpmAdjustmentCoefficient%22:0.8,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250]]}},%22adUnitCode%22:%22UPR_SBL%22,%22transactionId%22:%2242a3bf69-a315-4c12-ac04-d003280101ab%22,%22sizes%22:[[300,250]],%22bidId%22:%2242417ef4af1297%22,%22bidderRequestId%22:%224134edcabaab358%22,%22auctionId%22:%224df2c001-d80c-4379-abec-c6187ce02a7f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2231e23cc6-22fd-4b15-b2cd-7260ea9463e8%22},%22cpmAdjustmentCoefficient%22:0.8,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22UPR_SBR%22,%22transactionId%22:%22faf1421c-14c1-4f71-a741-3bc477ca7861%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%22437553b80181799%22,%22bidderRequestId%22:%224134edcabaab358%22,%22auctionId%22:%224df2c001-d80c-4379-abec-c6187ce02a7f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2231e23cc6-22fd-4b15-b2cd-7260ea9463e8%22},%22cpmAdjustmentCoefficient%22:0.8,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[580,400],[336,280],[600,280]]}},%22adUnitCode%22:%22UPR_BTA%22,%22transactionId%22:%221b13ba3a-2e98-43cb-9ef6-4c1ada9c356d%22,%22sizes%22:[[580,400],[336,280],[600,280]],%22bidId%22:%2244ec16bfb077d22%22,%22bidderRequestId%22:%224134edcabaab358%22,%22auctionId%22:%224df2c001-d80c-4379-abec-c6187ce02a7f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F%22}

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 27 Oct 2022 13:41:05 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
753 B 126ms
77ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 24d5348134b2f14ad5380dc0eed487a7ef0d8fb8d396a6f173dd790c7ca4884b

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
content-encoding: gzip
pod: X-Sovrn-Pod: ad_ap7ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 99

GET
H2 200 /
www.google.com/pagead/1p-user-list/871974790/ 42 B
548 B 64ms
26ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/871974790/?random=1666878064581&cv=9&fst=1666875600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&tiba=European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror%20%7C%20Ukrainska%20Pravda&fmt=3&is_vtc=1&random=1155025589&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/871974790/ 42 B
548 B 66ms
28ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/871974790/?random=1666878064581&cv=9&fst=1666875600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&tiba=European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror%20%7C%20Ukrainska%20Pravda&fmt=3&is_vtc=1&random=1155025589&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 70ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-554376-1&cid=792837501.1666878065&jid=2102280314&gjid=1971910174&_gid=1325648876.1666878065&_u=YEBAAUAAQAAAACAAI~&z=600962646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 27 Oct 2022 13:41:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 282 B
396 B 37ms
37ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.pravda.com.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 4b6412f79f3afa76d6b77429b0b4a5edb795f4d5577711f327957b2d87446e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 282
expires: Sat, 26 Nov 2022 13:41:04 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame D088 5 KB
3 KB 122ms
36ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 9d496db62b9188180d3707700d7dd8d4ae0e6c1f9c4c3c260fcd82bb1a4f50b1

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2722
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:41:05 GMT
etag: PRIVATE7520710249
expires: Sat, 26 Nov 2022 13:41:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 51ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MRSXWZPM31&gtm=2oeaq0&_p=127517392&cid=792837501.1666878065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666878064&sct=1&seg=0&dl=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&dt=European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror%20%7C%20Ukrainska%20Pravda&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MRSXWZPM31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 39ms
39ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=127517392&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&ul=en-us&de=windows-1251&dt=European%20Parliament%20to%20vote%20on%20recognising%20Russia%20a%20state%20sponsor%20of%20terror%20%7C%20Ukrainska%20Pravda&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABQAAAACAAI~&jid=1443852620&gjid=2129232630&cid=792837501.1666878065&tid=UA-554376-23&_gid=1325648876.1666878065&_r=1&gtm=2ouaq0&z=878128759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 110ms
50ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-554376-1&cid=792837501.1666878065&jid=2102280314&_u=YEBAAUAAQAAAACAAI~&z=1391346441

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 77ms
39ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-554376-1&cid=792837501.1666878065&jid=2102280314&_u=YEBAAUAAQAAAACAAI~&z=1391346441

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-554376-23&cid=792837501.1666878065&jid=1443852620&gjid=2129232630&_gid=1325648876.1666878065&_u=aEDAAUABQAAAACAAI~&z=69352794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 27 Oct 2022 13:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1666878065153/
Redirect Chain

https://gaua.hit.gemius.pl/_1666878065153/rexdot.js?l=100&sendf=8&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww...
https://gaua.hit.gemius.pl/__/_1666878065153/rexdot.js?l=100&sendf=8&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
426 B

102ms
102ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1666878065153/rexdot.js?l=100&sendf=8&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=fhy3Ann0xws9xHvMrHAFNUIgzAW3fRBlRbRv9faMNCr.y7DNUq7m8OBbTFbm9SbBePbgxxIKyLxF0PvqKQx6pLmLLLtx/TcQtZbp2p90eR/&ltime=236&fpdata=B2Bwhxi99tqFuHs48rIDRj0YdQPbubUqUeOHIn3L6GP.47&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: f4633e1b6c2313738e6b3319a2cbb8293048ce1e3e223387aa41bc991c17769e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Wed, 26 Oct 2022 13:41:05 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1666878065153/rexdot.js?l=100&sendf=8&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=fhy3Ann0xws9xHvMrHAFNUIgzAW3fRBlRbRv9faMNCr.y7DNUq7m8OBbTFbm9SbBePbgxxIKyLxF0PvqKQx6pLmLLLtx/TcQtZbp2p90eR/&ltime=236&fpdata=B2Bwhxi99tqFuHs48rIDRj0YdQPbubUqUeOHIn3L6GP.47&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 26 Oct 2022 13:41:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 75ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
26ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 208 KB
65 KB 677ms
644ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4004673535161809&correlator=3394594549264467&eid=31070566%2C31070113&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fifs&iu_parts=6942251%2CUPR_SBL_300%2CUPR_SBR_300%2CUPR_BTA_336&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250%7C300x600%2C320x50%7C580x400%7C336x280%7C600x280&fluid=height%2Cheight%2Cheight&ifi=1&adks=1156159870%2C3496814899%2C1095086453&sfv=1-0-38&fsbs=1%2C1%2C1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D1.30%26hb_adid_appnexus%3D50b0c760650c623%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D1.30%26hb_adid%3D50b0c760650c623%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&eri=1&cust_params=lang%3Den%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1666878065312&lmt=1666878065&dlt=1666878064387&idt=599&adxs=112%2C1188%2C437&adys=1480%2C274%2C1569&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.pravda.com.ua%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F&frm=20&vis=1&psz=301x250%7C300x600%7C715x400&msz=301x0%7C300x0%7C715x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&ga_vid=792837501.1666878065&ga_sid=1666878065&ga_hid=127517392&ga_fc=true&ga_cid=1325648876.1666878065

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d9e2f2eda82148d93307dccd2ba0b950795cc6ecb4d9b2c6dfea0b635a141cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67022
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 84ms
32ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c0aa3cab3394ad175672e7c8e6af7dc49a07599b35439332398f6e7e038b5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11209
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 139ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:41:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7BCF 13 KB
5 KB 72ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:34:37 GMT
expires: Fri, 27 Oct 2023 13:34:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11EA 783 B
534 B 48ms
48ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

faab52534a29546aa090d241e9248e063925db1c6023a4997f19215c9c60b20d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pOmM1V5Er0V9sEXrwENwtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-pOmM1V5Er0V9sEXrwENwtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:41:05 GMT
expires: Thu, 27 Oct 2022 13:41:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11EA 0
0 80ms
47ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102401&jk=4004673535161809&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BCF 36 KB
16 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:40:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7BCF 0
10 B 28ms
27ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9WpqYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 82ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Oct 2022 13:41:05 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1E0D 15 KB
6 KB 87ms
41ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pravda.com.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:41:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 349667
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 116ms
74ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Oct 2022 13:41:06 GMT

GET
H2 200 container.html Show response
3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/ Frame 6AA7 6 KB
4 KB 213ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:41:06 GMT
expires: Fri, 27 Oct 2023 13:41:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/ Frame 9656 6 KB
4 KB 203ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:41:06 GMT
expires: Fri, 27 Oct 2023 13:41:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210071758000/ Frame 559E 221 KB
61 KB 185ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 10:05:17 GMT
age: 272149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61557
x-xss-protection: 0
server: sffe
etag: "6f919b986f193e5c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 10:05:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 559E 14 KB
5 KB 213ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 246704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 559E 94 KB
28 KB 217ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 246704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 559E 5 KB
2 KB 220ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 22:59:37 GMT
age: 139289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Oct 2023 22:59:37 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 559E 40 KB
13 KB 220ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 246704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 559E 6 KB
1 KB 196ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 13:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 13:35:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 13:41:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 559E 2 KB
2 KB 47ms
46ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 12288
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 28 Oct 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 559E 295 B
319 B 46ms
46ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:12:30 GMT
x-content-type-options: nosniff
server: cafe
age: 8916
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 28 Oct 2022 11:12:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 559E 0
0 36ms
35ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaSCxsTPzI40E4RwRHlZw1QfcD1l4k4zFsxLkA6BrzuZ0tpHIBHagDpLn11_hIqCQpT74oKhXLQm3Z7gJacZ8rtsyiUg
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 559E 0
0 127ms
126ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3qjXcYpaY5GlGtiR9u8P8aCEmAqvwsCObdGqqpXbD8GCwfCDLxABIPvgsSpglcKmgrAHoAGMxoSyAcgBCeACAKgDAcgDCqoEwgJP0DEnA1Mld4mY_Asv38BtYcuDVL0cDWjUKjepOyaw_MmhsPv4lh3G0rXgx5UTs1SQw2XtLHctg4XsiT_Fp4Qolm7vnbBLcvMp_-YXzKUCcsQWGE11R0M5TkBbaci_An_LyfYvHuPfqz97vojKh4RHqRUFU9YyDfzbJ0Zp1g7I8XZZ8AXS8Jc1uxaKHwo3DqNOvD3xj3YYaKKtrYxNOu_CqzSL1dZ7bLv7Xt9wG3qxENe7UE2oYCOVfjsD-JwjpuGt1TockxCE8o29456t7AtBOiCB-5qyHE53dxIP3Wdbze-0td6BnN4Uuw8GBiYALFbcaBACUC4himGjjCA6xrGv_EHgeA2EbK__yBmCYoJv62w_e2bVruXlnJGsUtFxdjfLd3FQw2WaV1i8lV7IElvNvdKapMIw2Y2NhmTNgmbIESrGwASYid7y-QPgBAGSBQQIBBgBkgUECAUYBKAGLoAH3Ln7zQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD32xHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbgT5APYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTQzODIzMzMzMjAzMDQzMBiT0xE&sigh=mITs7VNhuDU&uach_m=[UACH]&template_id=484
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10209120159672592960/ Frame 559E 11 KB
11 KB 42ms
41ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10209120159672592960/downsize_200k_v1?w=200&h=200

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7e6f4b56ff2b9f4b9b923c2b0125c32d350b35649d1800c123b74235e1fa853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:00:08 GMT
x-content-type-options: nosniff
age: 182458
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 22:51:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 11:00:08 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4695836272514186265/ Frame 559E 74 KB
74 KB 83ms
83ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4695836272514186265/downsize_200k_v1?w=600&h=314

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9156b00cb2bd33dd9ce9be8e215a3bdd31f6a8a31baec90ab9c4a36dafdb855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:07:38 GMT
x-content-type-options: nosniff
age: 142408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76009
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 15:16:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 22:07:38 GMT

GET
DATA 200
OK truncated
/ Frame 559E 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 559E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10cb6a50899e9de247a11650bd0a70382625097bb38ca72e8e2d9aab66e110e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1E0D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=pravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.pravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=sHSornxnMjk5Tmk4d3FURmhXelRwSHVEZ2c1ckQ4aVNScVJQZG9jbStmTzVCMHlIRmN2YVVNeE95SFVWcGx1aFpUTjFvajR5cTUrOE55ditFSVZMbEF5S0dFWDlPeEs4bVRGVEpnR0tQb2xoZUZ5UHZUa1N5T2FCMjlJQl...

422 B
652 B

80ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sHSornxnMjk5Tmk4d3FURmhXelRwSHVEZ2c1ckQ4aVNScVJQZG9jbStmTzVCMHlIRmN2YVVNeE95SFVWcGx1aFpUTjFvajR5cTUrOE55ditFSVZMbEF5S0dFWDlPeEs4bVRGVEpnR0tQb2xoZUZ5UHZUa1N5T2FCMjlJQlJpaTFXTUhJcFJ2L25mdE5iYUlNeVJBdHRLVXViODhNNnNrRjRXNVBKM1hDTU1GY2dHdC96elJvZ3V3Qk1wTXp5UUxmdy9GQWpHbW9RZW8xSk5KeSt4bWcwV24vck1HbTkzWFdiOExuV20xSzlkNnNndUNKY21kTUdNRHoxSTVVZmV5NlFlQ0xvc2NvSVpnSE9VZTBrL0prcjhIMzljUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90cad8a14691343b1b089434109993d3ea7a85947b1e52c6ccb089671666b69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2408923
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=sHSornxnMjk5Tmk4d3FURmhXelRwSHVEZ2c1ckQ4aVNScVJQZG9jbStmTzVCMHlIRmN2YVVNeE95SFVWcGx1aFpUTjFvajR5cTUrOE55ditFSVZMbEF5S0dFWDlPeEs4bVRGVEpnR0tQb2xoZUZ5UHZUa1N5T2FCMjlJQlJpaTFXTUhJcFJ2L25mdE5iYUlNeVJBdHRLVXViODhNNnNrRjRXNVBKM1hDTU1GY2dHdC96elJvZ3V3Qk1wTXp5UUxmdy9GQWpHbW9RZW8xSk5KeSt4bWcwV24vck1HbTkzWFdiOExuV20xSzlkNnNndUNKY21kTUdNRHoxSTVVZmV5NlFlQ0xvc2NvSVpnSE9VZTBrL0prcjhIMzljUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 680531
content-length: 0
expires: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A1AC 624 B
297 B 107ms
48ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOOO69UBMAE&v=APEucNXheu_3oj0ntzOupG2KoMIGLnink3vixNw5y9rRruejLqGl4lUjoy7V59Ofj6qiVpSKZLlrc9JOWN-LZ1NkJLKaBFQntJwzUBMGpnsOTHOCqRMOFTIKxHxFdyiWryQi__uzvcwxMSmEii_2Vb4mnyMzQw1UN4A22udL6sP9XLblF2twT74

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:41:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 9656 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 15:13:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/ Frame 9656 6 KB
2 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2484
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 15:13:14 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9656 0
64 B 136ms
62ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswQyg2JLwobkIyg9xJSbc3VqDslTa1VpMCbpw2E8cHUEWtY4lNlGV9IrQQqaqaAgbiL9r27Q3l6ZovzqRp3u_Qdv6CLzD8XChO_bKRNdBD7ujAJRQ-chwa210M3w7UIISXSfQJIHwrH1XK4l7zS-YAXgkD-iaQQixr7uhJk4iTaU3bOg20_D10ZXmVeAZsYteH9FkThO6US3fjpTncncDQnubztL95V6YHKDISKVq-pGR7vYH9XfyE1VK8PMOvrfxa10HkEeaq91zHAreI0ZrxYsJFWwJjEttryad05BoS7UQ1UWKllaZ-toeCg9my1QjfyQkjPUGWQ5Vzf7zVurcYp-sSLUKfNDjzEERLDQiTLIrSw10CEGCBuEsgDNf0l25leNa3w7UVDbuEgy_ALSg89KwDsE4G1tCETnDVM6_K9-5FxrzQHbgQ8SF0qSsW44HGwlIAsjBmJ_pFp4oZwjrOpK5ljgyOIFNdB5Wzy1GK10dRQMFhZvBDpuVXVkT0hsScGJbqZUdUS5jFq8ZeAdrTuym1EkLkXYsoFH58kxocvHY7_yLq6erqtptkN6RxCySz9KJ2f35LqWQK2ehYkzYaOkMNIhAcykoQdWZMSVgCaDUOOApNfAeCZN0QxYJWu_n6UthyjsymQZcjWu8vUGv2kFFEiYKnnup8JTEbaAarImq4kHxuFRlhjffqVW17r0t1ZuO_m78ujBu8xuDL0XckY0euDPR0W8lqBAoNnSjXRg0-8UTM5WqpaiaVd5DYra9GOhTnGIo9Wf1XubDD0--n2nWg6BQF_DZCnZahnBhoS0Y4yJwfVxpFYMdvgu7gbpyScgWno1g1tKBFNmbpa6_86ECPqQYztsV_LsgjhGHFQH-_imWJlBPQZIsEqZwtnGLe_FVHMtm87cR_x0jiydOZ_lLWmVOgFHikHiNNvUmdhfXVPsISN8zkAoKXeLt7G3xoSgpAkrGm4GxoaFUTiNoZOK98rIgT1joJwoErBncXgnBP_jPc-vtfj_mI76ydZpuPreBEbmdIz-qg_z3_-KoH9BzZL-rmB5lzdp3n37kYhJff1jQ9NqoSeLhsLFtFwZAFnz_xIHOGtmzuoRw9G04P1b81rDiQK_FMSJ67UI-NIA2IeiYISjz6cqproIyAXf3xRxyqaCqSR0zyCgRDCvzDYXmuWIA3QSnjWTB-XhnQvArBubBM1HiuO0g71QlK2JsJD_2VhDd0hHBDrXgtVfInJk1K60b6s60qaBuywcebbiFBhpxYaJpxjyNxQOUzV7AbYyKE3pF2cvHZ3q8JH2aW3QD64H5-RGQ5zpIoHV78AXHYDw0RRDPxOAV2xL2CitGYm1yxFH3Hj3mODEPm8P7esoCZ_ecIK049_eLaePblnlDkyxdBRzleie0OmFjJZAyiwQ&sai=AMfl-YSAg39SDHA6q3MUnGcGtPgk7N4mwDGAap_U5h4Mp3pJ9pZerEunTIh84yRbuPEWi4SIjRwS-kzBHmB_PX8NaT99fRqCEEK5yr4vb76PuZTcXtsKvcV-LPojUFksrWFkzj2LE_69JtFZUckSrSVqEAWgsN9BnWN_U5D1EML7n8FmSGPljzQRABg8n-rCO1W5y4Ch2y1uoDsw06bN9tUVPOlGRynhPqSJzfrvkdUMJdDU6jmVZguwn-AIQlxaO5v9wdPk39fYFLcVHBTIv1H5Mb_d08Wl9hdtg6ftTCOyanKKpcS53YqQ6o6wFDML3FJGncisYH_mFX3_iVjz_fTJ-PSU01LEK3eQnPCF56nkgV0zL5C5sIAstLORRzGV9GsNNpoCMG_6nOgRBQ&sig=Cg0ArKJSzD82LZIL67NkEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221025.28719&arae=0&adurl=

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9656 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 13:36:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9656 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcjbtLbjgese724ob4TKLXoE29nUdJq0gi9clNA44pt8pv3-uJGznku9kGJE2LxjzhJku8yfj-A4c2UewQV3zPakUrXyi6P9VNco_xenX9gyy_rO4

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 9656 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 9656 17 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9656 0
0 38ms
37ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhRRCEr5smXO4bA9KCuvrj5J3OcJYbcgD-NOofv5G82PODr1Dhyw4Z11EphMepQoyeBpYRVlm6QRv88kCUr7Voi1YQdQ
Requested by: Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9656 152 KB
46 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:41:06 GMT

GET
H2 200 10000187598569306260
s0.2mdn.net/simgad/ Frame 9656 107 KB
107 KB 104ms
32ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10000187598569306260

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b5b310a6f2e74d8c3d02437ff10354e0822bbe110ea877f876ba153f282a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 16:38:07 GMT
x-content-type-options: nosniff
age: 507779
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109889
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 05:46:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 16:38:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 559E 15 KB
16 KB 85ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pravda.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 248174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 559E 15 KB
15 KB 80ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pravda.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 493222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:40:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DAA2 624 B
297 B 79ms
42ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGI_c7NUBMAE&v=APEucNW7OC_SpjyEXEaSZuBOzGV38KNsQuhQcODBo5SexDevoeHsQ3TBUtsCHQJ-mDfRiKDM2EXnL7iDFXfYDqCn9_Vmeyo5jsZ-xieD1k3J_KYf6afs2_0H4sepXLuJlWjtjiASy0EOiOo4LPAngYTXrq0ChtpbzYaAtuSrRAt6e1BKdUQ7GOY

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:41:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 6AA7 23 KB
9 KB 25ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 15:13:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/ Frame 6AA7 6 KB
2 KB 27ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2484
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 15:13:14 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6AA7 0
622 B 114ms
62ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstk31bHvSjGRAR64Ede3dJpSq7Aa6mJkHMSMUm4f9lcsTfn6RR8oQ_AxSvfXu6pFrlToRL-7YRktLvXDx4E6SvE_mBCU8pvCej1oXW_Op5ZcC3B1Twt1J4iR-xMVur0-Sr8DWrlnFrb-sy6G-jTptf5_gen-0DZxF3hfo23j1cIkFMXeffB0rhzjMvfkXIm85jwxAoGoILhwiq52W-XjFQ16PVjxLNMCNgslBMoI8f7931GSQW_ObzpE_Wx17PSkLKihT5RxvH5rrC5k0bdcFWUbMMkVQGvb1tb1QYkkXtlwOI8lxutukP9cTspmNI9ieegiJX600yKPOLETzHbGNuplrPcQQ5PvsLBuSHM1kNOd-GOqAXHUdNhCmc-JIPmRk4hX_mmTeIS_aH5KFJoJis7b8EYJVofMxTbIiPoaAuy28zGPQiNyEhm7tyfW0gIlb5mvvrBGlC4tc9XrKkYWhBS8Jhj54gp0BU_FRi_dZNrpvYg-ZgwJPcZNYLX8djVVVoJPu1yk93YHuNmdhdMyVPQ12oaQJUEpDHb7T5Ctv0UJT8q_DSoeUbrVlQgVcvhVsY2olfBEysaRr1sv6R4LBGA-NH1Ec7bqBZjZ2mcMlgMl4kekQpHVUDhdQXw3RLPZmkh0ao_7dn5o22FdY0NU_j1t2XDvVvJ0jGCumegQwRHW9mBNruLGdd2vInr6WmHbL7_ljJ5CdoJRYtMMUuejWYp42pwaHn6BP9cy8UMoaXXU_V4IhumsTsjJ2LRpKBiM9nQlTjLpa3vfwvYEpZk6_Sy1AuriQgluFIfMxHN1TBOI7IJbnh3p5L02DtjtHJe4nz_HXzVAx1pE7bY2i6ft8MQgcfTQyowEFRaWRqaR6Wu97F2hZA_bhFDijiRM3wqYVpIy2AETRZrzpnVPOGn8nwlEqr-brY3kqr0vejiPJ5sMOHy7U4JLSIor9Gw-L-GNmu46sKVzzMAZk6cGGm6uPN__8tHE21NwcpznPGMDFgdHjRC-WRKjgaV7wyHzJgtVKSS9EC8yKE0YsHqdullpreV1Bn5zs1c0T5RpkNoM7J49qqvY_275v1V3YokBszpkq2ebQ65A_o9QQ7ZYhcUdGIDXs7_yyciUYt7W0Z-rnObtf6NRJYTSl4mcjkN9ho2u5jYKsBgNBGGg28WsUVt811Xrlgh0GCI_1pF7u_AT_9icl2qxeAbJq2xyF1sxP2CaXHk1Zc-QZW93hPGb8ErUdrfIclYl5pwpTskCrUdboEjaJ1antXPoBlH8qyhqKKVzf0so4cNP5dZTYl0xan-yCO3gMqUvQt6YCc7cP6OdCtKpE9P-UwXqRixgohmtn1FxDJ_bptbVVgT-z_sKMS8PQQqJDEdqENeC1rWu-EpbYqkSgYwOAK_Oaa0ijXp5Pz9jY-DaQ&sai=AMfl-YQcmfsQ5BmFs_oVi73aUvlrLsgT6YzCJRNiHYnEA1OftTnRhi6BRz3nHoGLtDzhMYVzYKAIKY14z0vFN-pYCL_-TXbOlOzC_nxP9BHOHDAsmlLyXDmLk2YK6fpgyLfRye0mIZLti0pynElKrFKgWYZxSoyVhlRkx6YhobA5w3TAF63Z6p0VvCGBwL5sK4iNNQ_7RbcDWAyG_1-D2dSL0rhta_epBNEVwap_Nisi8bNiFcMfl_8eVw5Wkljuy2VYmqZkjA_UbWfY-ICUU6aC1nRZNVkO5xqKf-yJBn8dpZFLhYhZ92Q_-6MUFeHNK5hs141-AcZnnBw6PCoiW5YnNz4SAOvMJYRFDly0yuNwIfJAlbN0BhgNDWsOHgp-5a6AHy1fJTbeByndUQ&sig=Cg0ArKJSzAz1rDLt_u_JEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221025.48031&arae=0&adurl=

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6AA7 41 KB
15 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 13:36:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AA7 42 B
63 B 53ms
47ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALrntReZqiXXeIwX4aoWbIJpiDUDzERjBU3aj8mRYHovemOCLAqwLWmvrKJ9PGOoBMed6hv1-6JMwS_98AJecWKuSAqk4HI3tvls2NuHvHtV-nkek

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 6AA7 3 KB
1 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 6AA7 17 KB
7 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6AA7 0
0 44ms
38ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQse2LcQU0ESb6yqRf6epdPPehl16AHy2B6ZCB4i5qjUqvaRk_KdLzFyd5RTbSszs7elOF_vL5-BwIBfPtZJuA36gX2CQ
Requested by: Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6AA7 152 KB
46 KB 83ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:41:06 GMT

GET
H2 200 4289715378317278136
s0.2mdn.net/simgad/ Frame 6AA7 58 KB
58 KB 74ms
23ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4289715378317278136

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3b49c8995d293a4b93007304ec678157f0372bc05d4ce0bb7ba18694b02b0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:06 GMT
x-content-type-options: nosniff
age: 146220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59001
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 05:47:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 21:04:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D645 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 11:23:52 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 11:23:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9656 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f9654c7d8ec2b583386e2b51c7486973b2cc3973f6445355358008280f5168a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 544C 1 KB
643 B 27ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 11:23:52 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 11:23:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F768 22 KB
8 KB 19ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 18AC 22 KB
8 KB 19ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6AA7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a1924f9fbfc088190ddead991945147d107a6e6574854da76f3757301dfbae6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102401&jk=4004673535161809&bg=!WFulWx_NAAZPh4lnb4c7ACkAdvg8WmJXtyWq_jB9PPlqGS8lnsar_HrdPhn_pkPfs2SA-hNslnZSUwIAAABYUgAAAAJoAQcKAOatCFwHxLReBWWl1JK9H65Jse6qq9l1ST130fdHBeoHMzhczilJadQ1s5EKbBkKBImRXdVpybHajPKRDIUuO0ba-JMnCDA6Od-r3SxZYpM3myr7vA475RZHCufOd9dSSUu4Df4gMnlgiGmh1NVL9V73yE71F78cvd14LVnq9Dda7imaMJJTdhdpImOtwSh7XigwAvssX7XQ4f6TV1JdmGWQ6gZghn_63E3iEtL-SW1AFLgc0rMzvmohFkug8_ZBbp9Y3HBzQKE7H3VKvAh4QE0zAj2TOlB_kgzQ5AGh7IhHt3-vjHrkg5kCqrWMvj2DoMj2lEQAxUZy3S7CvceslAYvaDuguRoEWHoe2GTRaQ6EElIjUTanEVfM8Wg7cx2ZCqZTWw6BnGJ63utnOUOtscvNFMttRqwvhkJISqA-zCxq2kEr-EErWir1ChdYSkqmoOEJwsKswmnv7_FUSMZXKjbhZW0iIjEo0c9-NkV7XXzNQ93_vgQfSqAUNIceuV7943ea13c4mXj2nMAJgGWGrRoqSAUcM9I73E82ja9iTtrkAIASsoEh8pcQdtPO-7wU-K1MQek4vJ46UwFTKj39Gpu6oE3MYmSjeQwPG_ItnylGoZ4FY4dF1hzsod2X5tVIWyPP0YbK6rEuX9oszaPNJxRBZNGC0d13SgJvudeQtKPRlBzN0JUtI2R5zMgxoL-c8-2RDPMtQe5VjpO40jBAQzaSWoCepWSU4BbaYBZN7IBMS69nbS3NzA-n12wC-CGs7tYPRxJIBodmU7YwcHVtwpPAtiujfhGGCBr8HZNJyoT2iIMO0iyB-PZFGeHbrk-Vsa_38bNOItEY7y4-dDL6dCEf3t5L0ih14o9DMy3PX6fzpw2I4ymiZL-OK78aNmtUIkVUo1FQ6bRFO6lPVYaFptYrYA1ERB_irvzpZdmeGs9xMft9ggqKTZ3i9itrVSpNrqqBFDkYTZSJGJouX0vzP1l3NR3khPLyBt_L1X7xzccNSXuArmR9HzLTvjiJ0uyRnBNlIrYRa2vKKfAl5JZnDhvemWc13LA7dqwYjnE7sBuwzMkRrIhvXOQshNfrrTWsRH4W3-npqR_Ha0AGjJqaBRPzAEOiiOQmyC7OVaUXTpbSDWdQp6TAhKJsCYev2PY-1RzFmpl_NJBZJfIA5519FLifha4umJWeM6E5BzluzJyUWi9Kf007EaefeEDap5ArltiIRPo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DAA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGI_c7NUBMAE&v=APEucNW7OC_SpjyEXEaSZuBOzGV38KNsQuhQcODBo5SexDevoeHsQ3TBUtsCHQJ-mDfRiKDM2EXnL7iDFXfYDqCn9_Vmeyo5jsZ-xieD1k3J_KYf6afs2_0H4sepXLuJlWjtjiASy0EOiOo4LPAngYTXrq0ChtpbzYaAtuSrRAt6e1BKdUQ7GOY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DAA2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1qKcoDI5NsSU-w0-SDCYQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGI_c7NUBMAE&v=APEucNW7OC_SpjyEXEaSZuBOzGV38KNsQuhQcODBo5SexDevoeHsQ3TBUtsCHQJ-mDfRiKDM2EXnL7iDFXfYDqCn9_Vmeyo5jsZ-xieD1k3J_KYf6afs2_0H4sepXLuJlWjtjiASy0EOiOo4LPAngYTXrq0ChtpbzYaAtuSrRAt6e1BKdUQ7GOY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DAA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1

43 B
1014 B

24ms
15ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGI_c7NUBMAE&v=APEucNW7OC_SpjyEXEaSZuBOzGV38KNsQuhQcODBo5SexDevoeHsQ3TBUtsCHQJ-mDfRiKDM2EXnL7iDFXfYDqCn9_Vmeyo5jsZ-xieD1k3J_KYf6afs2_0H4sepXLuJlWjtjiASy0EOiOo4LPAngYTXrq0ChtpbzYaAtuSrRAt6e1BKdUQ7GOY

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
AN-X-Request-Uuid: 453bc328-f565-451b-b22e-1e0bcfdc3f2d
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAA2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D

170 B
188 B

78ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
AN-X-Request-Uuid: aca1001c-eea1-4619-8ed6-47d9efa6c7ee
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A1AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1

43 B
766 B

32ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOOO69UBMAE&v=APEucNXheu_3oj0ntzOupG2KoMIGLnink3vixNw5y9rRruejLqGl4lUjoy7V59Ofj6qiVpSKZLlrc9JOWN-LZ1NkJLKaBFQntJwzUBMGpnsOTHOCqRMOFTIKxHxFdyiWryQi__uzvcwxMSmEii_2Vb4mnyMzQw1UN4A22udL6sP9XLblF2twT74
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A1AC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1qKcoDI5NsSU-w0-SDCYQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOOO69UBMAE&v=APEucNXheu_3oj0ntzOupG2KoMIGLnink3vixNw5y9rRruejLqGl4lUjoy7V59Ofj6qiVpSKZLlrc9JOWN-LZ1NkJLKaBFQntJwzUBMGpnsOTHOCqRMOFTIKxHxFdyiWryQi__uzvcwxMSmEii_2Vb4mnyMzQw1UN4A22udL6sP9XLblF2twT74
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsl2whM8jjn54BStgt81z4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A1AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1

43 B
1014 B

51ms
43ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOOO69UBMAE&v=APEucNXheu_3oj0ntzOupG2KoMIGLnink3vixNw5y9rRruejLqGl4lUjoy7V59Ofj6qiVpSKZLlrc9JOWN-LZ1NkJLKaBFQntJwzUBMGpnsOTHOCqRMOFTIKxHxFdyiWryQi__uzvcwxMSmEii_2Vb4mnyMzQw1UN4A22udL6sP9XLblF2twT74

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
AN-X-Request-Uuid: 67eb86cd-b53b-470e-8642-c06a6e5cb721
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENQ2Qswg75rnRJDlfZgeNjs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A1AC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D

170 B
188 B

62ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
AN-X-Request-Uuid: c6273d64-faaf-423a-90d8-c9ec2ac958e1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyODQ1MzM0OTg4NTc3MTQzOQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6AA7 0
26 B 87ms
51ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9656 0
26 B 94ms
59ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/eng/news/2022/10/17/7372356/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D645 0
104 B 157ms
27ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDxuMesrGJHuXX1FopmjQ7g&google_cver=1&google_push=AZmPxg9tV3jv5OSUIhL5ooUVmfRFi9Nf9QLTO--q28Zly5N5We7mw2EH4dhiVQJZLaKtvAhBrHhLqfkrARoSEZ09PooMVSVRuRVW
Requested by: Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D645
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIuEL4pSwkTKML8-15zkecY&google_cver=1&google_push=AZmPxg_i6iIbIk44chtmtYoadi892iu_lksiB-qSbUcSnM6xorpf7tYgZ_Bg4ati39v8Py5aSZFmIOo83WKlTIQo9ynCML_...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_i6iIbIk44chtmtYoadi892iu_lksiB-qSbUcSnM6xorpf7tYgZ_Bg4ati39v8Py5aSZFmIOo83WKlTIQo9ynCML_95LLH&google_hm=MjA1NTUzMTA3MzIxNDc4NT...

170 B
188 B

35ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_i6iIbIk44chtmtYoadi892iu_lksiB-qSbUcSnM6xorpf7tYgZ_Bg4ati39v8Py5aSZFmIOo83WKlTIQo9ynCML_95LLH&google_hm=MjA1NTUzMTA3MzIxNDc4NTc1Nw%3D%3D

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Oct 2022 13:41:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_i6iIbIk44chtmtYoadi892iu_lksiB-qSbUcSnM6xorpf7tYgZ_Bg4ati39v8Py5aSZFmIOo83WKlTIQo9ynCML_95LLH&google_hm=MjA1NTUzMTA3MzIxNDc4NTc1Nw%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D645
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEN4fIJMnc0_bAh-xBSDXMTU&google_cver=1&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7z2...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN4fIJMnc0_bAh-xBSDXMTU&google_cver=1&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7z2EmxcZ

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7z2EmxcZ

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_PR-7hnjUg-jtPyD8KF-mGSqCMMRFi7v5MTcJhS-gVOwGlrbexGsMFwdIkRExyZ1_zkaTuq4FAXdXZ0va-uXL-7z2EmxcZ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D645
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZZB6Sf...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwMDExNzQyMzg5NzA0NTUwMA&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZZB6...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwMDExNzQyMzg5NzA0NTUwMA&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZZB6SfyWgd6AIYMxVuQYDgV6c

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwMDExNzQyMzg5NzA0NTUwMA&google_push=AZmPxg9u5V2Ev2WcxDSog4u8j3IM2OV5JinfFTrPm6NjpinGrdrWljho9Cx7hHJ-hosuGu91xpZZB6SfyWgd6AIYMxVuQYDgV6c
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D645
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Yq9-YbTTMyRHUhEWk3Ljw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

28ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Yq9-YbTTMyRHUhEWk3Ljw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9Zr-xDR2jTq0-_sIlF4ntf10P03S_eh5akHzygueEqNEsx2F-qpEd4M1NxfVOZ4Fskvkn6C1d69yz5AFvkbQEcveYfhm-a

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Yq9-YbTTMyRHUhEWk3Ljw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9Zr-xDR2jTq0-_sIlF4ntf10P03S_eh5akHzygueEqNEsx2F-qpEd4M1NxfVOZ4Fskvkn6C1d69yz5AFvkbQEcveYfhm-a
date: Thu, 27 Oct 2022 13:41:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D645
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJARlxm8QvzC24sx1WB2jB0&google_cver=1&google_push=AZmPxg9Ss8F7g7i653-vGf16lU1CmNVnl8s-LDs5j2opb3JTz_9qa_EFTs2FI0hOc8HGE4SuyKg...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY&google_push=AZmPxg9Ss8F7g7i653-vGf16lU1CmNVnl8s-LDs5j2opb3JTz_9qa_EFTs2FI0hOc8HGE4SuyKggwgffmoXSGlAMePOa8MVTBm5V

170 B
188 B

43ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY&google_push=AZmPxg9Ss8F7g7i653-vGf16lU1CmNVnl8s-LDs5j2opb3JTz_9qa_EFTs2FI0hOc8HGE4SuyKggwgffmoXSGlAMePOa8MVTBm5V

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY&google_push=AZmPxg9Ss8F7g7i653-vGf16lU1CmNVnl8s-LDs5j2opb3JTz_9qa_EFTs2FI0hOc8HGE4SuyKggwgffmoXSGlAMePOa8MVTBm5V
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D645
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENUHcpi1sJAaCyCscwLhfdE&google_cver=1&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwBsklEOkHzpZqPcAr9_tMsEPk-bIDeTZMJfbZtO8fnxwE5
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwBsklEOkHzpZqPcAr9_tMsEPk-bIDeTZMJfbZtO8fnxwE...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUwMTEwNjM0NDM2NDU1NzUzMzI2MQ%3D%3D&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwB...

170 B
188 B

42ms
41ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUwMTEwNjM0NDM2NDU1NzUzMzI2MQ%3D%3D&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwBsklEOkHzpZqPcAr9_tMsEPk-bIDeTZMJfbZtO8fnxwE5

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUwMTEwNjM0NDM2NDU1NzUzMzI2MQ%3D%3D&google_push=AZmPxg9AB8J3j8eZrH1d_iRhDUVv6YBEKFOIfzZa8lakuwjN0zl9EMwBsklEOkHzpZqPcAr9_tMsEPk-bIDeTZMJfbZtO8fnxwE5
date: Thu, 27 Oct 2022 13:41:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D645 0
12 B 57ms
21ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRXFWe33wHk1IlCNSVON02ApeLU0nEE1FMognGc1UaYuKi1JjMEklPZFFk9-uU0kZYF7hy

Requested by

Host: b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
URL: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 544C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC-5gW3x74mUrf-TrZEW6Ls&google_cver=1&google_push=AZmPxg8nek-9qCcgP7LQq9zwVYNTWKi9EDY87VJr9UGttLg42pJFOT3sbrhV7h1Ln_SWjPGLKStlMI82aFLra5TdOxfHY9adjfJw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAxNjQzMzc2NDMyMjc5Mjk0MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC-5gW3x74mUrf-TrZEW6Ls&google_cver=1

43 B
398 B

67ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC-5gW3x74mUrf-TrZEW6Ls&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC-5gW3x74mUrf-TrZEW6Ls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 544C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NXdESDdranExT08zODY1&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&google_cver=1&google_push=AZmPxg_k-ekOetI3yiq5l2g78TDBjY3z7xYYHjc9LHFBb-4...

170 B
188 B

33ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NXdESDdranExT08zODY1&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&google_cver=1&google_push=AZmPxg_k-ekOetI3yiq5l2g78TDBjY3z7xYYHjc9LHFBb-43MfQgQLoRI3YBYKE1gpvXtbRCnxmkL-i14trt6LODt-QEHnzi8zP3

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:06 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0cc766d172cabf844@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NXdESDdranExT08zODY1&google_gid=CAESEO2dSa2x6BvmPMOxrc4yXEw&google_cver=1&google_push=AZmPxg_k-ekOetI3yiq5l2g78TDBjY3z7xYYHjc9LHFBb-43MfQgQLoRI3YBYKE1gpvXtbRCnxmkL-i14trt6LODt-QEHnzi8zP3
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 544C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED1LXUy9I6AEXfbLUUg66uw&google_cver=1&google_push=AZmPxg9oYYW4Oh8spqxfcY_fW0W2YMm05FaVK37eiCN6fCcogprTEvB7sl69pb-XnKZBAxukc9GJIzjSOmUOdgRo...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oYYW4Oh8spqxfcY_fW0W2YMm05FaVK37eiCN6fCcogprTEvB7sl69pb-XnKZBAxukc9GJIzjSOmUOdgRoFxBmOKrPGP_7

170 B
188 B

43ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oYYW4Oh8spqxfcY_fW0W2YMm05FaVK37eiCN6fCcogprTEvB7sl69pb-XnKZBAxukc9GJIzjSOmUOdgRoFxBmOKrPGP_7

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 Oct 2022 13:41:06 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x15 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oYYW4Oh8spqxfcY_fW0W2YMm05FaVK37eiCN6fCcogprTEvB7sl69pb-XnKZBAxukc9GJIzjSOmUOdgRoFxBmOKrPGP_7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 Oct 2022 13:41:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 544C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKwwh6EDRml6BX70nKKC1aM&google_cver=1&google_push=AZmPxg_Pf7pXW5JD3VfblSrk_7gGDtMWJ87ArGl2wWksWsksX8xBr-iFPLt9ydqy1J7x_6F-cmTvctMixjt...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_Pf7pXW5JD3VfblSrk_7gGDtMWJ87ArGl2wWksWsksX8xBr-iFPLt9ydqy1J7x_6F-cmTvctMixjtK9cG8-lE7gAtJgmU&google_hm=T-A3GB1-RVChs7itM6BSe_Y

170 B
188 B

43ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_Pf7pXW5JD3VfblSrk_7gGDtMWJ87ArGl2wWksWsksX8xBr-iFPLt9ydqy1J7x_6F-cmTvctMixjtK9cG8-lE7gAtJgmU&google_hm=T-A3GB1-RVChs7itM6BSe_Y

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:05 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg_Pf7pXW5JD3VfblSrk_7gGDtMWJ87ArGl2wWksWsksX8xBr-iFPLt9ydqy1J7x_6F-cmTvctMixjtK9cG8-lE7gAtJgmU&google_hm=T-A3GB1-RVChs7itM6BSe_Y
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 544C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxupJmDCP...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJjP5bEN6cmiNFvuqiViDsQ&google_cver=1&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxup...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjg5NjMzMjg3OTc0OTc5Nw&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxupJmD...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjg5NjMzMjg3OTc0OTc5Nw&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxupJmDCPeY7_L0Yi4RNFwKTZPllH

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjg5NjMzMjg3OTc0OTc5Nw&google_push=AZmPxg-UItHKn4GVnzKRiTadOtDng16WiKjvNLCugxpb5M2Gy2eGSp2wFo4N7C3uAvb5wzhqxupJmDCPeY7_L0Yi4RNFwKTZPllH
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 544C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NEr-Olv-TEqw_zsYiHLSUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

24ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NEr-Olv-TEqw_zsYiHLSUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg90bZz-udshyfvRKG6R366qIT_85d5AK8kgs17w0hke4n__tazVmsNnGw3XusbZ8YiN5PStziBtsTr3pH-DEeHpkz97vYtU

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NEr-Olv-TEqw_zsYiHLSUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg90bZz-udshyfvRKG6R366qIT_85d5AK8kgs17w0hke4n__tazVmsNnGw3XusbZ8YiN5PStziBtsTr3pH-DEeHpkz97vYtU
date: Thu, 27 Oct 2022 13:41:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

/
onetag-sys.com/match/ Frame 544C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKJ5cpCXI5xg4rYOWjVp5E4&google_cver=1&google_push=AZmPxg_SNUEQoA5kAcZUoncey34DOrh1mv9hoNWQ6ntjBMH_h4WEXpNG_7jZBhtK6jwpDsrjOjm3r5uL0j_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_SNUEQoA5kAcZUoncey34DOrh1mv9hoNWQ6ntjBMH_h4WEXpNG_7jZBhtK6jwpDsrjOjm3r5uL0j_6wsfv4je1oBDNYKqc
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

22ms
17ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 544C 0
12 B 57ms
22ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-zm4qAzgSUtZMty6hCDzHOns_-121jxGR6vx8X_uQtZacYi-nUv7vXmtuH9phlJ4bLaPqiQ

Requested by

Host: 3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
URL: https://3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F768 36 KB
16 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:40:42 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 18AC 36 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:40:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F768 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlkUZcYpaY4-lGtiR9u8P8aCEmAoAAAAAOAHgBAI&bg=!jI-lj8vNAAZPh4lnb4c7ACkAdvg8WoE0EjKvZ1_mdYokAtXrzCp2p5XwPBK7uJ-jtDe3SumxZDpJ7gIAAADWUgAAAARoAQeZAvShwY63E_dLTnyg3IxLT6SYCiWZ1m_Rlyxcq9nfRCxR4JsuRC-UYGDJKnwLGoaWgyoJxakyOpTJM5sNjLRagYyRS_vezJmVoKw_51z4E5b6p8G-8m9U376-e_IH48IocYIl-8gHYCoiUHhH1Vll4Bf53zllLOO9rdAdoctJgyGmxVQXSS3cbL4dln3CTmTklHhFW85mGEsli4hD5IPtGLs9FJebz36qObAGNq87y-SGb9A8VlBicDIze8rFHl23YjFPQmG2RVnSy7-FPOJrvd3Z_xjU8IRwXrh_jDFhySokvfJItlIEYidIlxry03-pT-msyGjMrusmCs3lhObuAjW_kMY_hKZrJiHTSZVHlvV2Vyi2lcn5WI7pNAthFvgSCFTx4M_e2BZKYnhgm2ByoWnWAWusFbkH2s-v8ss8z0MR2K142086tPdEGpFMJkIi5mkgxqBDSH7CNWGeq-zjqkHQXNSy_3lQPRym7GD6LqV_uUQwKJD36kRUQAgsrir46tuNwDbC4kAPptZdPrN4jkuVXNIZ8CyXhh_QhlstI9O_AXvrjeAXMF7pYOuipwxGHXQV9y1MWeGVRxyKAg8zKYoHfDqgd_1XPBPLzW6ao5-lF7IdyA54NYdUu20bmlDKwFHrlM6nlbCSlTu3jneDbP_BCziG-InRjjL3Rsux8yB0kSB7vn6DfBTuL9GYS3KC8GPa0Q_JsdJTScYkl-W_rnXjHJO8svF19Ig3-FVpLFrzKmkKpwR2r7T4pmDPBuPez-zVT5-_z4TZHlEvL6XfAiwFCeICmaiJE65-ZyIjvt8gj5B4VpP40bh5VGKAN_Qn_Um-Sl5uU9xrHpDyv5mp5lg4M_7UoT9RwkqZsl-0nDH_nWdcpzLngjFJwHa3n_X7Vb71zy2F-x6vUh27gPh5nAaPPZQqYMlGnhG8JBcPsLn0yNPYXSXkmfg1963q3PJ9tG24826T_LIXLkMjdf9Ob1v32tKJJsKEP_9gDaRMnL-NTf17rJM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18AC 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-oc7cYpaY5ClGtiR9u8P8aCEmAoAAAAAOAHgBAI&bg=!6uml6a3NAAZPh4lnb4c7ACkAdvg8WvC-I_QZW20Gq_yQQxbX8uSt1lrPkf9Br0EimCLhWeaGwomt3wIAAADFUgAAAAZoAQcKAEmEZDQCrcDUMmDZIcS6sAuLpcaXT3GSPc8yIZ5LKXdANOwMzQKSAh2xI0fT5AmAf5qME6FTPQwAQcUkbfYgnVKrNm1GaGVfBlMPmQLkvrlpWZALTTU3Vi-3Laeb2b2Yy5ra1kABNz4VNwgDbDZMOpDNrHf1pvrgocz0adldczFN39dsmZeJww22miuc3lATNOdwNpWZJee57mCSjwZDBSkikd2mbgfiErAyVZdXO5S7xd6nvqeCya6K0v5NGpoaGYl6EwNzTb_0IG2SCy7j1PrQ7pDdq66x4Cd3hY9PF5YS97dxrZZCxo3GYbrCJzgrNjkECXk1X57kw8pqgF-38xUZiGbYWmDKz-cJz9S_ZVa-pxps3Bug1D6Lj3xWkD4ghkmeMf46wQCxwf84FJjdnAPHt4EgPemALT5tDqcSbVkygOAgB3UWyzHLeSB77QvyqIWTfy9icSxvHYdpZlLnWq5qcRkhNn-W2srWx_ABQKUEgA3V-C8WHShiIeln2GhLnc85LDQhobp1JwEcBMsgoej8R5tl-x5ccfbyamGU7V1sHs8JJ-sWNQsS29rZVdsBhqSIuvPDaY_O3fetr2jmolDUypiZLtY4xt5url9PihDV_l4zJgtoZZOUbzmDGnAnGgb3B8NgtN4lR1q1nG14kbLwmbPygX6Gv3mNLYLhvm2SCaOuJu1_3rCrqtO1V8FELr7gt2shO9HrBQLnaRSUKVQBCMeTHqlwNyYxsCrioBOTguTrLaT8d8tcsBhkGeBuePShDenPdygce-giPt0srpMwz9YOxazjbHVI9v5qrU2sWORBe182a4qQzE916MkAwF1G52MBuvu_yPDj0mOnwS4i2iMbTeOjI6Hlvs-58WxvPq3S47BBa3Ad8tEQjR2SILiw4tF6zUuaMo1lS__xVvygGm5U9hhONpfOX5sNbh3Y9DZ2zWFJ4nNKPLM95u129GEj7jYP2o7poHDYOSszCc63mN3Dx-ZIUkdZsfcnFSs6x4yyUmVSx-ojiaX0l0yXD_flwzW-IAh0Qvo4ZNEj00tmLUt1nMZ3AA_bShdmmS2QjaosgXuKW6HCyDFK5Ja7-rs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9656 42 B
64 B 85ms
55ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstALiZI8iofPwAsJN3Z6vgPYzLLdGNcbfLwJVgnKlWhMSlW_Ix7FuDrhrYap6BJYRU25AIGzw8UW9WeszDFlIKPPs-pfOs5hmpGItbqMSSlBWo5WDe1dygj7T2IcMHTCZWPAvV3_Q&sai=AMfl-YS_edm2a0jIWkqA6UZH71NX5h7xlyTgdgB40ybtb4jj9eA1Rtw5bDSmSsSkrEO-cSN4eyelwxfxfPhgYXI3FmdxOSJBKjCnWQh_wih_3HwA_oLhLYj1CfVX6IoM7Q&sig=Cg0ArKJSzDtMhZQaIuv9EAE&cid=CAASJORok2BhVSNPLb0ZIlO8rCGWnHHReY7LDKWFiC4lpNFLYw8HKQ&id=lidar2&mcvt=1000&p=274,1188,874,1488&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3496814899&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666878066062&rpt=494&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 9D2B 0
0 16ms
16ms Document
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13408038
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date: Thu, 27 Oct 2022 13:41:08 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pod: X-Sovrn-Pod: ad_ap7ams1
pragma: no-cache

GET
H2 200 sync Show response
eb2.3lift.com/ Frame AA18 37 B
139 B 8ms
8ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 27 Oct 2022 13:41:08 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 75FB 281 B
573 B 32ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Oct 2022 13:41:08 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 67E7 52 KB
17 KB 35ms
7ms Document
text/html 88.221.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-189.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 27 Oct 2022 13:41:08 GMT
ETag: "623de86a-cf34"
Expires: Fri, 28 Oct 2022 13:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame ECEA 3 KB
2 KB 50ms
18ms Document
text/html 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1095
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 760bd8f71d209a33-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 13:41:08 GMT
expires: Thu, 27 Oct 2022 17:41:08 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 75FB 32 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 13:41:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22639
Connection: keep-alive
Content-Length: 9454
Expires: Thu, 27 Oct 2022 19:58:27 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 67E7 0
741 B 7ms
7ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
AN-X-Request-Uuid: 5c65816f-a87a-4151-aa25-9e43c6a5a687
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 4625 2 KB
1 KB 75ms
52ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1043be4cc3a66f327b98cae06bb974fb0450dce400e0c83a0e259320a298f79

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 760bd8f778b79b40-FRA
content-encoding: br
content-type: text/html
date: Thu, 27 Oct 2022 13:41:08 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4625 70 B
264 B 103ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 13:41:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 4625
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEChlhIgAZn_aHr-qPCu8XE4&google_cver=1

43 B
592 B

53ms
42ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEChlhIgAZn_aHr-qPCu8XE4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 760bd8f81ad79253-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEChlhIgAZn_aHr-qPCu8XE4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4625
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB&dcc=t

43 B
855 B

112ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9P1VEFETSPWEW6Y507F3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 449HA91DVVWS54PHAV4C
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4625 43 B
602 B 35ms
34ms Image
image/gif 2a05:d018:d29:3601:2eb1:fd74:c477:e429
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y1qKcoDI5NsSU_w0_SDCYQAACJgAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:2eb1:fd74:c477:e429 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4625
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682602868&external_user_id=9a1348cd-c699-4377-a3ee-a1790b1d0c82

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682602868&external_user_id=9a1348cd-c699-4377-a3ee-a1790b1d0c82
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 27 Oct 2022 13:41:08 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682602868&external_user_id=9a1348cd-c699-4377-a3ee-a1790b1d0c82
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 4625
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=c31aa669-9806-4071-b1b9-017538bc6e40&ssp=index
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=59688bf4-b039-46ee-8342-948fc13ed8c5

43 B
766 B

69ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=59688bf4-b039-46ee-8342-948fc13ed8c5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=59688bf4-b039-46ee-8342-948fc13ed8c5
Date: Thu, 27 Oct 2022 13:41:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 4625
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1qKcoDI5NsSU-w0-SDCYQAA%262200?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1qKcoDI5NsSU-w0-SDCYQAA%262200

42 B
942 B

34ms
34ms

Image
image/gif

52.19.103.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1qKcoDI5NsSU-w0-SDCYQAA%262200

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.19.103.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-103-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-043da1e93.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KkvaEJmVSgk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v044-0cad15b9d.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 60px9uFPQvc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1qKcoDI5NsSU-w0-SDCYQAA%262200
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4625
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1928453349885771439

43 B
766 B

23ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1928453349885771439
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
AN-X-Request-Uuid: d7e08318-138f-40f3-bf42-c9f2e39a915d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1928453349885771439
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 4625 43 B
353 B 79ms
29ms Image
image/gif 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y1qKcoDI5NsSU-w0-SDCYQAA%262200
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:08 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 54803
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 760bd8f82828bb3d-FRA
content-length: 43
expires: Fri, 28 Oct 2022 13:41:08 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 75FB 70 B
265 B 94ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 13:41:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 75FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENpEXuzrKS3uyw1yVhnwFik&google_cver=1

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENpEXuzrKS3uyw1yVhnwFik&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENpEXuzrKS3uyw1yVhnwFik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 75FB
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R45UFH-J-KUDX

0
709 B

178ms
159ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R45UFH-J-KUDX
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:41:08 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F043FE11A52C4D7FBA2D284423C35313 Ref B: FRAEDGE1814 Ref C: 2022-10-27T13:41:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsBEspfz+8JbWTAeG+xQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9R45UFH-J-KUDX
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75FB
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWYwODBmODdhNjk3ZTMyYzc0ZmIxZjdlZDliYmQzOGRhNGM3NTA0MQ

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWYwODBmODdhNjk3ZTMyYzc0ZmIxZjdlZDliYmQzOGRhNGM3NTA0MQ

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWYwODBmODdhNjk3ZTMyYzc0ZmIxZjdlZDliYmQzOGRhNGM3NTA0MQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 75FB
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/DLiA1d62cxGsaXAom9DWEA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2055531073214785757

0
239 B

10ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2055531073214785757
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 27 Oct 2022 13:41:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2055531073214785757
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75FB
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY

170 B
188 B

25ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:41:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSNDVVRkgtSi1LVURY
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 75FB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IDE1xH_9SK2J_qLOi_cY8A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IDE1xH_9SK2J_qLOi_cY8A

43 B
479 B

102ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IDE1xH_9SK2J_qLOi_cY8A

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X2QXBXZ51A7FWXHNYH52
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IDE1xH_9SK2J_qLOi_cY8A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 75FB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WMUfWqTySgSOlpU31RARvw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WMUfWqTySgSOlpU31RARvw

43 B
479 B

38ms
38ms

Image
image/gif

52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WMUfWqTySgSOlpU31RARvw

Protocol

HTTP/1.1

Server

52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W2CFJ5W3N8RZ1183REYV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WMUfWqTySgSOlpU31RARvw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 67E7 0
741 B 17ms
17ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:41:09 GMT
AN-X-Request-Uuid: ece7ee96-bc61-483a-b629-2d23841ee793
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pravda.com.ua/	1970-01-20 07:01:18	Name: __io_d Value: 1_2949938387
www.pravda.com.ua/	1970-01-20 15:46:54	Name: __io_lv Value: 1666878064615
www.pravda.com.ua/	1970-01-20 15:46:54	Name: __io Value: 077ed9fc5.19f938b2e_1666878064616
.pravda.com.ua/	1970-01-20 07:01:19	Name: __io_session_id Value: 855a3937b.f0dae6d8f_1666878064628
.pravda.com.ua/	1970-01-20 07:01:18	Name: __io_nav_state45252 Value: %7B%22current%22%3A%22%2Feng%2Fnews%2F2022%2F10%2F17%2F7372356%2F%22%2C%22currentDomain%22%3A%22www.pravda.com.ua%22%2C%22previousDomain%22%3A%22%22%7D
.pravda.com.ua/	1970-01-20 07:44:30	Name: pageviewCount Value: 1
.pravda.com.ua/	1970-01-20 07:02:44	Name: _gid Value: GA1.3.1325648876.1666878065
.pravda.com.ua/	1970-01-20 07:01:18	Name: _gat_gtag_UA_554376_1 Value: 1
.rubiconproject.com/	1970-01-20 15:46:54	Name: khaos Value: L9R45UFH-J-KUDX
.rubiconproject.com/	1970-01-20 15:46:54	Name: audit Value: 1\|hLZGFuTafB3YHf5AJNJIcbJGe4Ni1ThWK2euPP2lVg3CRi4Lg8bJK4gYJw8Cac98eoT9X/F78UptrWIvZJIuaCoz2L3XiTieC/O3DfsjtcTQD5U7tEfUTQ==
.admixer.net/	1970-01-20 09:10:54	Name: am-uid Value: 8d980223e19d4286b950edc505723f9f
.pravda.com.ua/	1970-01-20 16:37:18	Name: _ga Value: GA1.3.792837501.1666878065
.pravda.com.ua/	1970-01-20 07:01:18	Name: _gat_gtag_UA_554376_23 Value: 1
.pravda.com.ua/	1970-01-20 16:30:06	Name: __gfp_64b Value: B2Bwhxi99tqFuHs48rIDRj0YdQPbubUqUeOHIn3L6GP.47\|1666878064
.hit.gemius.pl/	1970-01-20 07:11:22	Name: Gtest Value: KlSLnRGGQMGGX0ZyLiAYBX9issGMXP8c25nSG4OMS5LBXBG.
.adnxs.com/	1970-01-20 09:10:54	Name: icu Value: ChgIgO9-EAoYASABKAEw8ZTqmgY4AUABSAEQ8ZTqmgYYAA..
.adnxs.com/	1970-01-20 09:10:54	Name: uuid2 Value: 1928453349885771439
a4p.adpartner.pro/	1970-01-20 08:27:42	Name: apuid Value: d883da4b-94c3-481e-81c7-bcd5407f15d9
.hit.gemius.pl/	1970-01-20 16:30:06	Name: Gdyn Value: KlSCgMXGQMGGX0ZyLiAYBX9issGMXP8c25nSG4OMS5LBFRxSG7RrGS6GY99BFlMMYH7hRjBGqSRxSG8.
.doubleclick.net/	1970-01-20 16:22:54	Name: IDE Value: AHWqTUkpo6QhOmY4sQoAmrc97UtdycTWOn_q1KnxbBXZ3HuS7SFEFjsmGABwK9gR26g
.pravda.com.ua/	1970-01-20 16:22:54	Name: __gads Value: ID=5f479d82c795d50e:T=1666878065:S=ALNI_Ma_eYbBSRkGUxCwhUGxyy2qSuorzA
.pravda.com.ua/	1970-01-20 16:22:54	Name: __gpi Value: UID=00000b78c84e52fd:T=1666878065:RT=1666878065:S=ALNI_Ma0uW-Enl75zuYX-NGGAm_og6QJmw
.pravda.com.ua/	1970-01-20 16:37:18	Name: _ga_MRSXWZPM31 Value: GS1.1.1666878064.1.0.1666878066.0.0.0
.criteo.com/	1970-01-20 16:22:54	Name: uid Value: 7eaa6367-520d-4669-8cf9-ecf1ec7ce670
.pravda.com.ua/	1970-01-20 16:22:54	Name: cto_bundle Value: 4YDMBV9QaSUyRlhiZExmb09VMTEyeDAzbEZadjNPSWVHa0JVTjVhUGlDS3hPaG9BV244WUl6a0llNEZyZ2RIZWI3UHpGd0tNN0dQTFlQcHVhVzBrelpWaGRNYWNXNHJxcXI0amNoSmVZS00lMkZKVFlwY0wzbHM3VDB2TEE2Q2RDY3IyaGk3eGlJa1gzUThpWWVMSGxTR0ZaWWlPOWFnJTNEJTNE
.adnxs.com/	1970-01-20 09:10:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilaohzw4!]tbPl1M>e)ZlrFUfJ+tGXxoLXQb->L.PT$?0tCR=5<^nLI*AU_/!:i^Dg'53If)y3KL9D3I?+ZYHJ`K
.3lift.com/	1970-01-20 09:10:54	Name: tluid Value: 4501106344364557533261
.casalemedia.com/	1970-01-20 15:46:54	Name: CMID Value: Y1qKcoDI5NsSU-w0-SDCYQAA
.casalemedia.com/	1970-01-20 09:10:54	Name: CMPS Value: 2200
.casalemedia.com/	1970-01-20 09:10:54	Name: CMPRO Value: 2200
.w55c.net/	1970-01-20 16:31:32	Name: wfivefivec Value: 5wDH7kjq1OO3865
.mathtag.com/	1970-01-20 16:27:13	Name: uuid Value: 65ae635a-8a72-4c00-9c46-ba698ce9cb68
.mathtag.com/	1970-01-20 07:44:30	Name: mt_mop Value: 4:1666878066
.ctnsnet.com/	1970-01-20 15:46:54	Name: gid_CAESEKwwh6EDRml6BX70nKKC1aM Value: 1
.ctnsnet.com/	1970-01-20 15:46:54	Name: cid_4fe037181d7e4550a1b3b8ad33a0527b Value: 1
.adform.net/	1970-01-20 07:45:56	Name: C Value: 1
.pubmatic.com/	1970-01-20 07:02:44	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 07:44:30	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-20 15:47:15	Name: A3 Value: d=AQABBHKKWmMCEG_NCgxL9ZOdVX1ppsIIPH4FEgEBAQHbW2NkYwAAAAAA_eMAAA&S=AQAAAn9W-Db-dx6XiyVwfeZ_MtU
.de17a.com/	1970-01-20 15:39:42	Name: guid Value: 1.5737726334411324245
.turn.com/	1970-01-20 11:20:30	Name: uid Value: 4016433764322792940
.pubmatic.com/	1970-01-20 09:10:54	Name: KADUSERCOOKIE Value: 344AFE3A-5BFE-4C4A-B0FF-3B188872D253
.adform.net/	1970-01-20 08:27:42	Name: uid Value: 2406896332879749797
.bidswitch.net/	1970-01-20 15:46:54	Name: tuuid Value: 59688bf4-b039-46ee-8342-948fc13ed8c5
.bidswitch.net/	1970-01-20 15:46:54	Name: c Value: 1666878068
.bidswitch.net/	1970-01-20 15:46:54	Name: tuuid_lu Value: 1666878068
.company-target.com/	1970-01-20 16:37:18	Name: tuuid Value: 9a1348cd-c699-4377-a3ee-a1790b1d0c82
.company-target.com/	1970-01-20 16:37:18	Name: tuuid_lu Value: 1666878068
.demdex.net/	1970-01-20 11:20:30	Name: demdex Value: 90003856189987409990745073666287794103
.dpm.demdex.net/	1970-01-20 11:20:30	Name: dpm Value: 90003856189987409990745073666287794103
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:46:54	Name: bcookie Value: "v=2&cfe3e979-9438-4501-8e79-c474800233eb"
.linkedin.com/	1970-01-20 11:20:30	Name: li_gc Value: MTswOzE2NjY4NzgwNjg7MjswMjF83V2wW2LAsfKwWycafHcSCFkfc/3IB/iuAW3L7TwO+w==
.linkedin.com/	1970-01-20 07:02:44	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2455:u=1:x=1:i=1666878068:t=1666964468:v=2:sig=AQEs9Wqq-7jSLfTa532UJSHNYXPB3Orn"
.amazon-adsystem.com/	1970-01-20 16:37:18	Name: ad-privacy Value: 0
.scoota.co/	1970-01-20 16:37:18	Name: tuuid Value: c31aa669-9806-4071-b1b9-017538bc6e40
.scoota.co/	1970-01-20 16:37:18	Name: c Value: 1666878068
.scoota.co/	1970-01-20 16:37:18	Name: tuuid_lu Value: 1666878068
.casalemedia.com/	1970-01-20 09:10:54	Name: CMTS Value: 5160
.amazon-adsystem.com/	1970-01-20 12:56:58	Name: ad-id Value: AztZA9Qn_k87nz4BnZVY5Lg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b0f38a7eec9c207badb2e96d1f7846e.safeframe.usercontent.goog
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
b3befb042fc4b7ab93cd388d8972138f.safeframe.usercontent.goog
bidder.criteo.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.indexww.com
cdn.membrana.media
cdn.onthe.io
click.mlsend2.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dclk-match.dotomi.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
img.pravda.com
inv-nets.admixer.net
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.scoota.co
r.turn.com
region1.google-analytics.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tt.onthe.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.pravda.com.ua
x.bidswitch.net
ym-tack.b-cdn.net
104.18.12.76
104.18.13.76
104.18.18.126
104.244.42.136
107.178.251.122
13.248.245.213
142.250.181.226
142.250.186.162
142.93.164.116
146.0.227.110
146.59.30.108
172.217.23.98
176.34.247.153
178.250.2.146
18.156.195.47
18.196.93.7
185.29.134.244
185.59.220.194
185.64.190.78
185.80.39.216
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.169
216.52.2.39
23.205.235.133
2602:803:c004:200::140
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:51bf
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c1b::9a
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:12::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:2eb1:fd74:c477:e429
2a0c:5c81:5142::2
3.122.77.49
3.127.121.199
34.111.239.200
34.96.71.22
35.186.193.173
37.157.3.28
37.157.3.30
37.252.172.123
37.252.173.38
51.83.220.94
51.89.9.251
52.19.103.22
52.223.40.198
52.46.151.131
52.94.220.185
54.37.238.28
69.173.144.139
69.173.144.165
88.221.168.189
89.187.169.47
95.216.24.150
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06740a581aac9281f5162c117c21d28d249504e6c663b28a1f3b1c93ba54b4f1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
0c129e0b70d74ce64c54acd41c21d459255a6e4e4b2c00060498544396428852
0dbebe5d44984364b3d7365b8882a3430a0459e880b6b9a73d87ba7ebe6e269c
0ea9acd126bbd71a7b9386f04dcaac522323120ce4fb46e20375d6a90d26c8cd
10cb6a50899e9de247a11650bd0a70382625097bb38ca72e8e2d9aab66e110e0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
160c3c2a91c2e21458f8b93ba11490e1183723a6b0b50335ce3dbfee67c17fea
1887475f57df18fd51f0f3c3e85532d75f47a77764eed287622493839f5c43fb
1c298c32336bc70c78f99c058faca4d3999e04cc91e1d7f114dd3b5c7cf81e02
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
24d5348134b2f14ad5380dc0eed487a7ef0d8fb8d396a6f173dd790c7ca4884b
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
29a1a191b3918703a38e5ce9bdae2ed12e62082f45b8e2407eeacc0417df9fd3
2b1b51ee6c7679c783c7162538cbde74c3ef3d5d2137d33bd6509e5a77c3843d
3036fb8ac8370b574d33a303cf33bbe62bdc9be02b6f6a9c510758521669f5fc
332627bfd8b55370a683a6a4f4be64134a025e55f406dfcb8ca1c675fa3a2eb2
338aa77590082270f139cb5243d5dbb85989ffaa10b180c6ce8d788f47ee7c34
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c0aa3cab3394ad175672e7c8e6af7dc49a07599b35439332398f6e7e038b5fb
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8b42424702c9f88381d064985b720e2da085b15d7f4f3c2dee3a221859453a
3f9654c7d8ec2b583386e2b51c7486973b2cc3973f6445355358008280f5168a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6412f79f3afa76d6b77429b0b4a5edb795f4d5577711f327957b2d87446e31
4d203642fd48826c6fa8f9b897a6c7860517b650d5255700f30bcdc6b07325d9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5384a066982276b144c2b5c5167c0bd12a4193211016c6a540da791eeeb64bc8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c1d8ef0c9db66267049d798caacdcaf3d77dd792f3d77eee2ea2fed280eee0
5833296d297e3611ee9e4c99818ae8c389c86a88593d15d875b964a69274a957
5912788717c50fe0b9788091106264b25a70b571b65669acbeb1d798a69887e8
59b5b310a6f2e74d8c3d02437ff10354e0822bbe110ea877f876ba153f282a23
5b4ad60c6d9c42d733aefbdddc3265363ae13d49e5e9bae6dc3326b1f53099b3
5bcf40695e94fad0412955244b79a9de0b41c7d8f94f7b95aa53013f4e6f8101
5c18d5459a9936968a8b0e4c7a72ee22c735d7ceae81511a23a2aa96caed0b67
5d34ed9a98202af090ec03a5022c7ba1955cb4a5178607c7095245489265913c
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f81619c81dba785d1cfcaceffc3ad3dac5aca8514beb59e14e29c7254868d2
631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dc7458475c35c783beb00af4f2d473f15f6e61643494429c3db82b895ec5fd6
743e33588e78aa207e63850e690cdf2c1da208dbf2d2372abae8fd52515c609c
74f7c4be2b6464f5a960eae7f09813fb14c69c4d2ad7b064acf66d6a55aaf450
78a1d946e8b875398db0b0c8a9f441c6051c617f74004bcd285ac974d9eba496
79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0
7a5855328aef8d1bb5d7e11e052c73f5724da0297152f38174262eaaac71eeb5
7d4cd515598b21cd963f20e9d7179924828fcb1d60c541dfbbe859bcaba3438c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81b580cb47260f35c74c45e4664cb50e5a23262b3fd31d0a38c08ddebaa5b688
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9e2f2eda82148d93307dccd2ba0b950795cc6ecb4d9b2c6dfea0b635a141cd
904e187f1eb93c98cdb6dc918ab7d005f6e0802fea2887ca7e6b16e3ff885baa
90cad8a14691343b1b089434109993d3ea7a85947b1e52c6ccb089671666b69e
9108b6a8643218652575fd3c9a7194c12adee219f201a16b0ddd542616828ddc
91c232041d94365fb459c01302a7f2a10c8c9c451d2f03219a321c76173d5edb
92549177c6b52fe203008ae2a7f01889cfebc82776e49191b2c00f9b9586512f
92b627801b17a9f10844ee322484af4928604a030fd390d2fd101bc510358b77
9958a7c3cb56f185c0fe4948bb019b25882a3ca1a07588515f3ebe10e9800718
9a1924f9fbfc088190ddead991945147d107a6e6574854da76f3757301dfbae6
9a3f1b3c20fdd6b0e4b11d007332de7e53da10d49de32b2d6636eea15c962e82
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9d496db62b9188180d3707700d7dd8d4ae0e6c1f9c4c3c260fcd82bb1a4f50b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab6478f2d74c3bc5042f6b021f5452ec079003fb9827867be4fa3aed68fb87ab
abf05ebbb8e5196c4a679f7325f411a8e0d9fb2548f7843ddc290b526a8480ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b49c8995d293a4b93007304ec678157f0372bc05d4ce0bb7ba18694b02b0f6
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bee5d8b92d1983ca50233cfea71aed7abcb1512367f254ee1dcae35eb3eb3046
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c75318b7d6abca37817c0d53776bad17c8f6b6181c2fd7b056d768273839933d
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
d2f3faf558484feec3ff7452f12929a750d5568b0c7ded5d4f4d5f9034e1555d
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
d9a451318712c6e19ce05c78c0992488d7acd3cc6a25d41fec95658f35f31dc1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1043be4cc3a66f327b98cae06bb974fb0450dce400e0c83a0e259320a298f79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5696f49866f8b8b992cc17fa5648557237c3f6495096f6b516967052748c938
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7e83a9da4f90ca172137518d8314452ec6e29d091b406ad60faa7aa2b9d8fa
f4633e1b6c2313738e6b3319a2cbb8293048ce1e3e223387aa41bc991c17769e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7e6f4b56ff2b9f4b9b923c2b0125c32d350b35649d1800c123b74235e1fa853
f9156b00cb2bd33dd9ce9be8e215a3bdd31f6a8a31baec90ab9c4a36dafdb855
faab52534a29546aa090d241e9248e063925db1c6023a4997f19215c9c60b20d

www.pravda.com.ua Open in urlscan Pro 107.178.251.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

81 %HTTPS

42 %IPv6

51 Domains

79 Subdomains

65 IPs

14 Countries

2292 kBTransfer

5453 kBSize

60 Cookies

20 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pravda.com.ua Open in urlscan Pro
107.178.251.122 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

81 %
HTTPS

42 %
IPv6

51
Domains

79
Subdomains

65
IPs

14
Countries

2292 kB
Transfer

5453 kB
Size

60
Cookies

191 HTTP transactions
4 data transactions