galinfo.com.ua Open in urlscan Pro
138.201.125.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://galinfo.com.ua/
Submission Tags: analytics-framework
Submission: On April 21 via api (April 21st 2023, 4:07:42 am UTC) from US — Scanned from DE

Summary HTTP 183 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 35 domains to perform 183 HTTP transactions. The main IP is 138.201.125.15, located in Erding, Germany and belongs to HETZNER-AS, DE. The main domain is galinfo.com.ua.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.

This is the only time galinfo.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	138.201.125.15 138.201.125.15	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9	212.42.76.150 212.42.76.150	8856 (UKRNET Kiev) (UKRNET Kiev)
2 11	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2.19.229.113 2.19.229.113	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
9	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	35.179.69.18 35.179.69.18	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
2	3.9.28.72 3.9.28.72	16509 (AMAZON-02) (AMAZON-02)
183	41

57 138.201.125.15 (Erding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: srv.lviv.fm

galinfo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com

informers.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sinst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.229.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-113.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.179.69.18 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-69-18.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.28.72 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-28-72.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	galinfo.com.ua galinfo.com.ua	9 MB
19	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 ad.doubleclick.net — Cisco Umbrella Rank: 201	179 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	251 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	699 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23943 ad4m.at — Cisco Umbrella Rank: 9478 assets.ad4m.at — Cisco Umbrella Rank: 31150	680 KB
14	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 236 www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	184 KB
7	fwdcdn.com sinst.fwdcdn.com — Cisco Umbrella Rank: 272136	38 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5261 www.google.de — Cisco Umbrella Rank: 3425	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 ajax.googleapis.com — Cisco Umbrella Rank: 607	37 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 15646 api.webgains.io — Cisco Umbrella Rank: 40158	31 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 453 region1.google-analytics.com — Cisco Umbrella Rank: 1718	18 KB
3	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 182982 i.bigmir.net — Cisco Umbrella Rank: 341443	4 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	123 KB
3	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2353 m.addthis.com — Cisco Umbrella Rank: 2342	141 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6958	653 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com — Cisco Umbrella Rank: 4617	869 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547 static-de.ad4mat.net — Cisco Umbrella Rank: 111741	4 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132 www.googleadservices.com — Cisco Umbrella Rank: 187	3 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	89 KB
2	sinoptik.ua informers.sinoptik.ua — Cisco Umbrella Rank: 569269 sinoptik.ua — Cisco Umbrella Rank: 105592	1 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 21883	2 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 61533	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 53210	438 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 53598	262 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	702 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	338 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1646	213 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50702	611 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	713 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 2757	325 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 681	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	89 KB
183	35

	Domain	Requested by
57	galinfo.com.ua	galinfo.com.ua ajax.googleapis.com
11	www.google.com	2 redirects galinfo.com.ua www.gstatic.com googleads.g.doubleclick.net www.google.com tpc.googlesyndication.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	www.gstatic.com	www.google.com googleads.g.doubleclick.net www.gstatic.com
9	fonts.gstatic.com	fonts.googleapis.com
9	pagead2.googlesyndication.com	galinfo.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
7	sinst.fwdcdn.com	sinoptik.ua sinst.fwdcdn.com
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	www.google.de	galinfo.com.ua
3	www.googletagservices.com	galinfo.com.ua googleads.g.doubleclick.net
3	fonts.googleapis.com	galinfo.com.ua googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	ad.doubleclick.net	2 redirects
2	d5p.de17a.com	2 redirects
2	www.facebook.com	1 redirects connect.facebook.net
2	ssl.google-analytics.com	1 redirects galinfo.com.ua
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	i.bigmir.net	galinfo.com.ua
2	connect.facebook.net	galinfo.com.ua connect.facebook.net
2	s7.addthis.com	galinfo.com.ua s7.addthis.com
2	apis.google.com	galinfo.com.ua apis.google.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.awin1.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	c.bigmir.net	galinfo.com.ua
1	z.moatads.com	s7.addthis.com
1	sinoptik.ua	galinfo.com.ua
1	informers.sinoptik.ua	galinfo.com.ua
1	www.googletagmanager.com	galinfo.com.ua
1	ajax.googleapis.com	galinfo.com.ua
183	55

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
lviv.fm
ua.sinoptik.ua
www.bigmir.net

Subject Issuer	Validity	Valid
galinfo.com.ua R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
informers.sinoptik.ua Sectigo RSA Domain Validation Secure Server CA	`2022-05-10` - `2023-06-10`	a year	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-28` - `2023-04-28`	3 months	crt.sh
c.bigmir.net R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
img.com.ua R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 18 frames:

Primary Page: https://galinfo.com.ua/
Frame ID: 2D92BE8A490DD9D44A3BEB8DA6CD0572
Requests: 109 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: A5560B2EAC98A29E49534208C47611A5
Requests: 1 HTTP requests in this frame

Frame: https://galinfo.com.ua/init.htm
Frame ID: 1700E1B3108C5EE001DC1994D1E0E486
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: DE80505D95528FB088B93C91338502E5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2945E6F585A1EF8797E349DF2BB2B3C3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D446910398671900%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31d2a835d8abb4%2526domain%253Dgalinfo.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fgalinfo.com.ua%25252Ff14895717e0338%2526relation%253Dparent.parent%26container_width%3D302%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgalinfo%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26width%3D300
Frame ID: 3016B8847E1D09D396C0A50FF6AA4F67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&adk=1812271804&adf=3025194257&lmt=1682050055&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_r&format=0x0&url=https%3A%2F%2Fgalinfo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055398&bpp=6&bdt=633&idt=429&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5572522236455&frm=20&pv=2&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=505
Frame ID: 24B574E5C289DD23DEF6A6220371054A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=2703587759&adk=104936592&adf=1336954295&pi=t.ma~as.2703587759&w=302&fwrn=4&fwrnh=100&lmt=1682050055&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055404&bpp=9&bdt=639&idt=579&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=n974dGApye&p=https%3A//galinfo.com.ua&dtd=586
Frame ID: 5B55BE565B8DF62BD9FBE9564FFCE077
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y&co=aHR0cHM6Ly9nYWxpbmZvLmNvbS51YTo0NDM.&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=5n4ybdtvznny
Frame ID: 72974B7F279F84C54FCE4A9505F0E02B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729
Frame ID: B25756E87C7CFF58F6E819B30258CFED
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g5sahzpam8kg2nrr5re77dyj7gq5fmajmnb828arsa6mhm9akdd6w8r5t96af9xqwdrj8qgqgaepkbv08gpbzgxydntwzz0skzzwzkkcp1pm6y8pjyppd80vnkv5952qgmdgn7ym4fq2frcs3tjpmw1jhm2qqwcx65pvhmqa4nf1er4b2dmd13rxt8gpb7sby8t4vvj5rjdakfwn5d375385s27k5wmm41y4xq7fdregd4a8ac4yc32yaaa9xs5ff1zf8hvtn05jg8bd8c8vec3m4gy5y74nygzyyrw9pcgv60g1jah625vyybrarwrehzw8v5t33stphsp62qqkzexd05k9143d0ndbny84wazatmedbaygvevqexsd37aw8qmgwsqw7ytx4d1xvafse8bxenjzbwa020x3cqp6j7y6yxev28kkh7sayh01s5qgv3xdydhmm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%26client%3Dca-pub-2721832832858898%26adurl%3D
Frame ID: 136ACE4A0542BC66AAB01B6E3741C299
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F091FD7E104D944D9772B56122E333C4
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y
Frame ID: BC5D0CFEB33B8C1A788843B575FC0FED
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2B5C8086D1B4C1B6432A2DC78F6D1833
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Frame ID: 50DD7FED18CC127FF508C9F7DB8ACC9E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Frame ID: E073052A86E078E2BF327710B63556A4
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BAE82F4715CA45C1CA53CFE5FA6AE0F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9ED37CF29EC1F04BD1AD13E789575D0B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Гал-Інфо - Агенція інформації та аналітики. Львівські новини

Detected technologies

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

183
Requests

95 %
HTTPS

53 %
IPv6

35
Domains

55
Subdomains

41
IPs

8
Countries

11593 kB
Transfer

14935 kB
Size

32
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/galinfo

Search URL Search Domain Scan URL

URL: https://twitter.com/galinfo_lviv

Search URL Search Domain Scan URL

URL: http://lviv.fm/public/onair_lviv_fm.html
Title: Слухай онлайн

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/
Title: Погода

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D1%96%D0%B2%D0%B0%D0%BD%D0%BE-%D1%84%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA
Title: Погода в Івано-Франківську

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BB%D1%8C%D0%B2%D1%96%D0%B2
Title: Погода у Львові

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BA%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D1%87%D1%83%D0%BA
Title: Погода у Кременчуці

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D1%81%D1%82%D0%B0%D1%85%D0%B0%D0%BD%D0%BE%D0%B2
Title: Погода у Стаханові

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Gal-Info&url=https%3A%2F%2Fgalinfo.com.ua%2F%23justid&via=Toxicoman

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=371755279700434&caption=Gal-Info&redirect_uri=http%3A%2F%2Fgalinfo.com.ua%2Fcloseme.htm&picture=http%3A%2F%2Fgalinfo.com.uaDefault%20image&description=Gal-Info%20Default%20Text&link=https%3A%2F%2Fgalinfo.com.ua%2F%23justid

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://www.facebook.com/v2.3/plugins/page.php?app_id=446910398671900&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31d2a835d8abb4%26domain%3Dgalinfo.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgalinfo.com.ua%252Ff14895717e0338%26relation%3Dparent.parent&container_width=302&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgalinfo&locale=uk_UA&sdk=joey&show_facepile=true&show_posts=false&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D446910398671900%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31d2a835d8abb4%2526domain%253Dgalinfo.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fgalinfo.com.ua%25252Ff14895717e0338%2526relation%253Dparent.parent%26container_width%3D302%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgalinfo%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26width%3D300

Request Chain 108

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1692795058&utmhn=galinfo.com.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&utmhid=557425921&utmr=-&utmp=%2F&utmht=1682050056018&utmac=UA-17260192-1&utmcc=__utma%3D103093142.2017061216.1682050056.1682050056.1682050056.1%3B%2B__utmz%3D103093142.1682050056.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=603664356&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQBAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058&slf_rd=1&random=2926182480

Request Chain 113

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=UrDaCMTm-_cDEKjancsD&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&auid=1828768177.1682050056&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=CAxCZP6kBOnc7_UP18iSwAQ&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RpR3FkZC1Samc2by1FcDdWZXQ4LUxFdXRUX2ZXd21kUm1DLWk2T0hwQTBoUFEaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlLUEpxMlp0MDFlSkJ4Yl9CS0wyUTJyTC12dlFXdEhyTnotN1hzb3J0b3lkRXYxenZZbjNJb3NXUQ HTTP 302
https://www.google.com/pagead/1p-conversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=UrDaCMTm-_cDEKjancsD&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&auid=1828768177.1682050056&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RpR3FkZC1Samc2by1FcDdWZXQ4LUxFdXRUX2ZXd21kUm1DLWk2T0hwQTBoUFEaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlLUEpxMlp0MDFlSkJ4Yl9CS0wyUTJyTC12dlFXdEhyTnotN1hzb3J0b3lkRXYxenZZbjNJb3NXUQ&is_vtc=1&ocp_id=CAxCZP6kBOnc7_UP18iSwAQ&cid=CAQSKQBygQiDcOn3UtcF-6_ghbWr217OYidPcwaEfKAlFHYH1MkxUl1K_Pdi&random=3930507371 HTTP 302
https://www.google.de/pagead/1p-conversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=UrDaCMTm-_cDEKjancsD&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&auid=1828768177.1682050056&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RpR3FkZC1Samc2by1FcDdWZXQ4LUxFdXRUX2ZXd21kUm1DLWk2T0hwQTBoUFEaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlLUEpxMlp0MDFlSkJ4Yl9CS0wyUTJyTC12dlFXdEhyTnotN1hzb3J0b3lkRXYxenZZbjNJb3NXUQ&is_vtc=1&ocp_id=CAxCZP6kBOnc7_UP18iSwAQ&cid=CAQSKQBygQiDcOn3UtcF-6_ghbWr217OYidPcwaEfKAlFHYH1MkxUl1K_Pdi&random=3930507371&ipr=y&prhg=0

Request Chain 137

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFR3zzkWQOJyIuWqhS_UeJE&google_cver=1&google_push=Aer7DvJ6CxZHN1veN91h09T_NOgLKOtYXRV_bf6o1j9EKObiZjN9uo7x8Fj5VqStYYxmeybfBNHE1b5_Use6iOE2MyrHJKBvbAnaO-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1OTM2NTY5NjE5NzU1NDYxOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFR3zzkWQOJyIuWqhS_UeJE&google_cver=1

Request Chain 138

https://um.simpli.fi/gp_match?google_gid=CAESEMNAbxuWtnDe2toBL3edBS8&google_cver=1&google_push=Aer7DvK0ULCXUJPxYtt11d2-ePdmewm5LWFBHhmh-Kz0bob0CttujGyizcQlp90sCMr9Kt2iEzKW9bcPaQAPj0SLbBdeoIA41bX8r18 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CAE017DD0E84686B4A2F601FFAE64A1&google_push=Aer7DvK0ULCXUJPxYtt11d2-ePdmewm5LWFBHhmh-Kz0bob0CttujGyizcQlp90sCMr9Kt2iEzKW9bcPaQAPj0SLbBdeoIA41bX8r18

Request Chain 140

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMHkGBf5gjXCXcyenE__otc&google_cver=1&google_push=Aer7DvI5N2QjxIQCx4lBZKna4OKvacprhVjVf2We826RFT3Ggui0RB_0MRGNPFpKTIPkQlH7rS5A0PKOFCVhDXn2xEmGr-kJH2QF7Ak HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvI5N2QjxIQCx4lBZKna4OKvacprhVjVf2We826RFT3Ggui0RB_0MRGNPFpKTIPkQlH7rS5A0PKOFCVhDXn2xEmGr-kJH2QF7Ak&google_hm=K63aqF1TT8a5_Z9bv8zdArg

Request Chain 141

https://d5p.de17a.com/cookies/google?google_gid=CAESEFX4Xa7G4uKQJxCuSMpTq8w&google_cver=1&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ-lOolT8JrE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFX4Xa7G4uKQJxCuSMpTq8w&google_cver=1&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ-lOolT8JrE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ-lOolT8JrE

Request Chain 143

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEElg4CrnPULT0i1wR6rhw48&google_cver=1&google_push=Aer7DvIOicGn-5-GwpHUHTEoznOx10KVUJaA6qcUdREKC2qsXAU9PBP25tOLrSQuVNmwMcLqoINTRlBLZ3mdzK1iGLuL0gAGl8tHLQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIOicGn-5-GwpHUHTEoznOx10KVUJaA6qcUdREKC2qsXAU9PBP25tOLrSQuVNmwMcLqoINTRlBLZ3mdzK1iGLuL0gAGl8tHLQ

Request Chain 176

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN2TsOGMuv4CFbyh_QcdgVkKeQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218

183 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
galinfo.com.ua/ 107 KB
31 KB 348ms
306ms Document
text/html 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx / PHP/7.1.33
Resource Hash: c93f84b5c6bee84c1582cfa89c8e7cc815fc2981d6866c1516cd00faf5661156

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Apr 2023 04:07:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=60
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.1.33

GET
H/1.1 200
OK html5reset.css
galinfo.com.ua/css/ 2 KB
1 KB 12ms
11ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/html5reset.css
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 5372c8109f3e19c2197be9824a54c44d7a2543cf160f0f87a57dc04cb277c5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 12:13:18 GMT
Server: nginx
ETag: W/"5a56035e-71b"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 128ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i&subset=cyrillic

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cd9862876053c81b2183719e6b45e434376d6bad235c35a33991d59854d3a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 04:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 04:07:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 04:07:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
788 B 168ms
86ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,900italic,700italic&subset=latin,cyrillic

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

091064819fc260af943f346cf599ef052e649765a9f9eea3352b09fcbf080127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 04:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 04:07:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 04:07:34 GMT

GET
H/1.1 200
OK gi2.css
galinfo.com.ua/css/ 70 KB
16 KB 27ms
15ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/gi2.css?ts=2
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 5e473412aeb8db27bd674698709f6a0c03f469c76bdcc1d468c67db175754105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 12:32:32 GMT
Server: nginx
ETag: W/"5e833860-118eb"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK colorbox.css
galinfo.com.ua/css/ 4 KB
2 KB 33ms
11ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/colorbox.css
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 5b435d51cf7cbb71df2237bb875d3beac018790d4866fbd2d994ff440344d206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 May 2015 13:33:00 GMT
Server: nginx
ETag: W/"555dde8c-106d"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK galleryview.css
galinfo.com.ua/css/ 5 KB
2 KB 33ms
12ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/galleryview.css
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 0a625e89cd5cd35618e605f94ea2b2f65333c335e4308b88dff281fe5225fc02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Mar 2018 11:45:18 GMT
Server: nginx
ETag: W/"5aa90b4e-12ef"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK selection-sharer.css
galinfo.com.ua/css/ 6 KB
3 KB 33ms
11ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/selection-sharer.css
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 970243761c8175501674d123e18f02c7b02f3944fbbd4d66b8fba3ba57c2eec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 May 2015 13:33:00 GMT
Server: nginx
ETag: W/"555dde8c-17a7"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK stylesheet.css
galinfo.com.ua/css/fonts/merriweather/ 663 B
587 B 34ms
12ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/fonts/merriweather/stylesheet.css
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 2bcb4e6e1274679f3e29e0b92e34bfa6f50a1973fbcc9ca05455bb03b3725b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 May 2015 13:34:00 GMT
Server: nginx
ETag: W/"555ddec8-297"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK stylesheet.css
galinfo.com.ua/css/fonts/liberation_sans/ 2 KB
668 B 34ms
12ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: a36c6b3e75fd873d67fa8f7873fe80ab841e7765c6c7989c647d1618f5222749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 May 2015 13:34:00 GMT
Server: nginx
ETag: W/"555ddec8-869"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-ui.css
galinfo.com.ua/js/datepicker/ 22 KB
4 KB 37ms
12ms Stylesheet
text/css 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/datepicker/jquery-ui.css
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 2d7a7274848a8f7514b1d9a2ce36a33c82d296f466837d3bb2e5af097c8b67f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Nov 2018 10:10:42 GMT
Server: nginx
ETag: W/"5bffbb22-569f"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.0/ 95 KB
34 KB 130ms
35ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34044
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H/1.1 200
OK jquery.colorbox-min.js Show response
galinfo.com.ua/js/ 11 KB
5 KB 46ms
11ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/jquery.colorbox-min.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: efa2ec1d872cdd22f2ca6aedea7b686c7eda3867f5d28c1321891a775edb7ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2015 14:04:00 GMT
Server: nginx
ETag: W/"5561da50-2de3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK modernizr-2.5.3-min.js Show response
galinfo.com.ua/js/ 14 KB
6 KB 46ms
11ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/modernizr-2.5.3-min.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: b620a213e0f3212c09360f04ddc07c9de89ef78cf99702de736f16c454e52ee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jan 2018 17:25:07 GMT
Server: nginx
ETag: W/"5a5e3573-39e0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK core.js Show response
galinfo.com.ua/js/ 32 KB
10 KB 48ms
13ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/core.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: e98169309efdf557b169d220d58f7de061142a51c52948751d78e05ccb633f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 08:04:19 GMT
Server: nginx
ETag: W/"5c00ef03-81d3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-ui.js Show response
galinfo.com.ua/js/datepicker/ 80 KB
20 KB 63ms
28ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/datepicker/jquery-ui.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 9881de7c32ec1c9a2ca4ba3abffe66d6c0d976d25c922a81281d455843aff359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Nov 2018 06:31:04 GMT
Server: nginx
ETag: W/"5bff87a8-13e91"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK svgie.js Show response
galinfo.com.ua/js/ 1003 B
891 B 47ms
12ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/svgie.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: b10ac00314a032c8fa8f463a2c428669852d58bba2360f1192e4b0fd669b2173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2015 14:04:00 GMT
Server: nginx
ETag: W/"5561da50-3eb"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK galleryviewer.js Show response
galinfo.com.ua/js/ 5 KB
2 KB 51ms
15ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/galleryviewer.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: baf8cf626dbdc13f50c35d6be959d9d0f00531fe1edb53e93208466c7b7852e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2016 15:50:00 GMT
Server: nginx
ETag: W/"5835baa8-14e0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 145ms
46ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f42b52b02e9062e590cc0e67628cef282c7a13cf123a7cc1069480a57fe61fb7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 04:07:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21024
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "9886cd4fd85169ea"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 04:07:34 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 77ms
12ms Script
application/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 21 Apr 2023 04:07:34 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116511

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
89 KB 197ms
101ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-07KYN930YR

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59b67f32beb257aa6a669be4479eea202b4fd821aadebc7d95c09e9c8cf5c6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 04:07:35 GMT

GET
H/1.1 200
OK lysenka_f3693.jpg
galinfo.com.ua/media/gallery/intxt/l/y/ 357 KB
357 KB 28ms
22ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/l/y/lysenka_f3693.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 2c6f749f792db41673f9efc88f088bcd80d312bc233365476d8c3f8ca0d72fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 20 Apr 2023 07:38:49 GMT
Server: nginx
ETag: "6440ec09-59209"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 365065
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bis1.jpg
galinfo.com.ua/media/gallery/intxt/b/i/ 281 KB
282 KB 28ms
22ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/b/i/bis1.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 7c9857f81cf6fa560e1f0226f081d038cc71f3aafa1d73e4ed77299dd884ad14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 20 Apr 2023 10:55:36 GMT
Server: nginx
ETag: "64411a28-4655b"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 288091
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK velosport.png
galinfo.com.ua/media/gallery/intxt/v/e/ 305 KB
305 KB 30ms
25ms Image
image/png 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/v/e/velosport.png
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: e0212f066fbe52183e2858ee7cea4d524e7b08ac9421256b6d4c1f4351914175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 18 Apr 2023 07:20:19 GMT
Server: nginx
ETag: "643e44b3-4c38d"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 312205
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK zelenskyy_stoltenberg.jpeg
galinfo.com.ua/media/gallery/intxt/z/e/ 253 KB
254 KB 11ms
11ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/z/e/zelenskyy_stoltenberg.jpeg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: bde11448fda10454c3ce24492004734c79b4a56bb2bb4e47be4d74a0d384de3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 20 Apr 2023 12:14:09 GMT
Server: nginx
ETag: "64412c91-3f59c"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 259484
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK maxi.jpg
galinfo.com.ua/media/gallery/intxt/m/a/ 249 KB
249 KB 22ms
21ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/m/a/maxi.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 4b58fd6ab31791b1bfbf0bb0e783a1175caa8b3529dc26cc43da444c006dfed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Wed, 12 Apr 2023 08:13:58 GMT
Server: nginx
ETag: "64366846-3e29f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 254623
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK photo16794891921212112.jpeg
galinfo.com.ua/media/gallery/intxt/p/h/ 215 KB
215 KB 11ms
11ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/p/h/photo16794891921212112.jpeg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 2db1c78c2ba9cae8c7bcf4638668730d7b329a29df1bb8e1946f73166851da00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Wed, 22 Mar 2023 12:49:10 GMT
Server: nginx
ETag: "641af946-35be2"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 220130
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK romofobia.jpg
galinfo.com.ua/media/gallery/intxt/r/o/ 301 KB
301 KB 13ms
11ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/r/o/romofobia.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: e6d2d5d23a3511289a0c0830c7080ff8c106b1c7b83cd32000811b73bf98dd41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 11 Apr 2023 07:29:08 GMT
Server: nginx
ETag: "64350c44-4b334"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 308020
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kara0.jpg
galinfo.com.ua/media/gallery/intxt/k/a/ 294 KB
294 KB 13ms
12ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/k/a/kara0.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 5b8f6bf68235730f2fef98db84d55f8ae4e0f265b96c5913849c67cf8030fc9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 07 Mar 2023 12:20:19 GMT
Server: nginx
ETag: "64072c03-496fd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 300797
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK depositphotos_253905882_s.jpg
galinfo.com.ua/media/gallery/intxt/d/e/ 296 KB
296 KB 16ms
15ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/d/e/depositphotos_253905882_s.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: daf9612e7ec9ccb5c078c5417f1fa1abaf36d4a1630037bb8c39374c31b8bb48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 06 Apr 2023 08:33:33 GMT
Server: nginx
ETag: "642e83dd-49e1e"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 302622
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK collagebook.jpg
galinfo.com.ua/media/gallery/intxt/c/o/ 340 KB
340 KB 16ms
16ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/c/o/collagebook.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 57badddb1aa6243e04d381f00b533808771a7329a861c700dd26d4fa8c972599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 23 Feb 2023 13:21:46 GMT
Server: nginx
ETag: "63f7686a-55053"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 348243
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK oon_35e7b.jpg
galinfo.com.ua/media/gallery/intxt/o/o/ 360 KB
360 KB 12ms
11ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/o/o/oon_35e7b.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 04ce93c2cc89c1e2d1f78d9e7abd07e03a7b0f6b5ec241290220fb2115afd6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 24 Oct 2017 08:30:52 GMT
Server: nginx
ETag: "59eefa3c-5a04c"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 368716
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_6519.jpg
galinfo.com.ua/media/gallery/intxt/i/m/ 262 KB
262 KB 19ms
17ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/i/m/img_6519.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 95e831a915cd149199d79ee8b74e3448c48714ba874a0c024f932e8f637f1a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 11 Oct 2018 17:22:00 GMT
Server: nginx
ETag: "5bbf86b8-41881"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 268417
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK marjana334.jpg
galinfo.com.ua/media/gallery/intxt/m/a/ 215 KB
215 KB 13ms
12ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/m/a/marjana334.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 94cc8a4c21b9d2681c9e162830b76e7595cd6800a99a1d2930b196c8df088820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 23 Mar 2023 11:03:30 GMT
Server: nginx
ETag: "641c3202-35c6d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 220269
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK duxr1.jpg
galinfo.com.ua/media/gallery/intxt/d/u/ 411 KB
411 KB 20ms
20ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/d/u/duxr1.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: b5849bd640c666203d56692e7ba55aeac1f766d7ed0ad567b55a6f78f72be5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Mon, 09 Jan 2023 10:59:28 GMT
Server: nginx
ETag: "63bbf390-66c30"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 420912
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK virtuozu.png
galinfo.com.ua/media/gallery/intxt/v/i/ 314 KB
315 KB 18ms
18ms Image
image/png 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/v/i/virtuozu.png
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 7353f82b448b4124e5b0868300f86fb4d9f005c667f6b1164e35e12a9618e6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 21 Mar 2023 08:26:38 GMT
Server: nginx
ETag: "64196a3e-4e9b5"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 321973
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK prezydent.png
galinfo.com.ua/media/gallery/intxt/p/r/ 264 KB
265 KB 30ms
29ms Image
image/png 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/p/r/prezydent.png
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: c0d13bd9ec7cadcea83308bb373991989d2e8650563959a49137d684e910fc1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Mon, 26 Dec 2022 11:56:06 GMT
Server: nginx
ETag: "63a98bd6-421a8"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 270760
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frankofond.jpg
galinfo.com.ua/media/gallery/intxt/f/r/ 245 KB
245 KB 30ms
30ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/f/r/frankofond.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 667f33a9c968987f2caa7e9720b9a5dfc8fc68e090ef8eb63f980e02432d34bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Mon, 13 Mar 2023 08:06:06 GMT
Server: nginx
ETag: "640ed96e-3d213"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 250387
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK year10.jpg
galinfo.com.ua/media/gallery/intxt/y/e/ 332 KB
332 KB 50ms
49ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/y/e/year10.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: a98b7ed1f0c6bafc8e14f30e9f47863517d9eb803057bad215dab594ef125539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Fri, 23 Dec 2022 08:43:32 GMT
Server: nginx
ETag: "63a56a34-53019"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 339993
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 8bereznia55.jpg
galinfo.com.ua/media/gallery/intxt/8/b/ 373 KB
374 KB 13ms
12ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/8/b/8bereznia55.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 24c5591378ea163ff8b126dd7500ce7de5fd04e0140dccf731598652ce8a4258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 07 Mar 2023 15:46:38 GMT
Server: nginx
ETag: "64075c5e-5d4e3"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 382179
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 210ms
117ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2721832832858898

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4eeceb1cad989384aa57db979c576a4ca4c723d5de8adecb7e70709efce49ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47993
x-xss-protection: 0
server: cafe
etag: 3052907840603303065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 04:07:35 GMT

GET
H2 200 t.gif
informers.sinoptik.ua/img/ 43 B
233 B 35ms
6ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://informers.sinoptik.ua/img/t.gif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
last-modified: Thu, 10 Feb 2011 13:06:12 GMT
server: nginx
etag: "4d53e2c4-2b"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 43
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H2 200 informers_js.php Show response
sinoptik.ua/ 2 KB
901 B 37ms
6ms Script
application/json 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303009582,303014487&lang=ua

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv150.fwdcdn.com

Software

nginx /

Resource Hash

f8ea3cf04530b5353ee4a105998375034a8870b461ed5254ef00205e0baf4783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-store, no-cache, must-revalidate
date: Fri, 21 Apr 2023 04:07:34 GMT
content-encoding: gzip
x-server-by: sinfe1
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: must-revalidate, post-check=0, pre-check=0
expires: 0

GET
H/1.1 200
OK img_0014_5210e.jpg
galinfo.com.ua/media/gallery/intxt/i/m/ 316 KB
316 KB 12ms
11ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/i/m/img_0014_5210e.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 823595197771acc605f0130d6323ee11af2f4c612df5edf86c611769c16d87ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Fri, 25 Jan 2019 13:00:04 GMT
Server: nginx
ETag: "5c4b0854-4eee6"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 323302
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK biznes-branch.jpg
galinfo.com.ua/media/gallery/intxt/b/i/ 333 KB
333 KB 13ms
12ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/b/i/biznes-branch.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: ad0ea37e00dbfbe03fead5210bbee07e6eac33773becf97cdb01d462bd37ed8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Wed, 07 Dec 2022 08:58:32 GMT
Server: nginx
ETag: "639055b8-532a9"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 340649
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vzele.jpeg
galinfo.com.ua/media/gallery/intxt/v/z/ 293 KB
293 KB 17ms
17ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/v/z/vzele.jpeg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: a94baa9da800a1aaa7109482e03f3f68ae03a21007304a0409a368431b24ba72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 22 Dec 2022 08:22:31 GMT
Server: nginx
ETag: "63a413c7-49378"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 299896
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kivsin-1170x650.jpg
galinfo.com.ua/media/gallery/intxt/k/i/ 276 KB
276 KB 18ms
16ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/k/i/kivsin-1170x650.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 552772c6867793d25f1dc4b644dd3fe6c9e1a9f94a891b082c598b4891e1bf4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Fri, 03 Mar 2023 11:39:02 GMT
Server: nginx
ETag: "6401dc56-44f55"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 282453
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dfuni.png
galinfo.com.ua/media/gallery/intxt/d/f/ 270 KB
270 KB 16ms
16ms Image
image/png 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/d/f/dfuni.png
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 18ee53cf70cc80aa877d2b9bed5889e49a4fa4f0e59f14d30920d4e8842f74c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 20 Dec 2022 11:40:47 GMT
Server: nginx
ETag: "63a19f3f-437f4"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 276468
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 142ms
49ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e69c68f5c5b6c87b4b0437ddce158f64c43653e489a7f0731492243ea115ad7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 04:07:35 GMT

GET
H/1.1 200
OK jquery.textmistake.min.js Show response
galinfo.com.ua/js/ 14 KB
5 KB 12ms
11ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/jquery.textmistake.min.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: e810269a60e69b6a53469406c18213a192a02bee2149bc8d225208f8d844a395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Nov 2018 12:54:23 GMT
Server: nginx
ETag: W/"5bfe8fff-3965"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK selection-sharer.js Show response
galinfo.com.ua/js/ 13 KB
4 KB 18ms
12ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/selection-sharer.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 0f659b24ca65fb62e4fc9b302500f83f95f3dfe99dfc589a6b5f5be2d6628fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2015 14:04:00 GMT
Server: nginx
ETag: W/"5561da50-33e5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK spin.min.js Show response
galinfo.com.ua/js/ 4 KB
2 KB 17ms
11ms Script
application/javascript 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/js/spin.min.js
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: edf0824fc48c27620b71bb7a646704d10391b3293912663f38817ad9f5462703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 May 2015 14:04:00 GMT
Server: nginx
ETag: W/"5561da50-102f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK LiberationSans-Regular-webfont.woff2
galinfo.com.ua/css/fonts/liberation_sans/ 22 KB
22 KB 13ms
13ms Font
application/octet-stream 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/fonts/liberation_sans/LiberationSans-Regular-webfont.woff2
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: dbece5ec533961d9df2cb367c08a9b984a99ed00ee57061a868c6ab28d906ff5

Request headers

Referer: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:34 GMT
Last-Modified: Thu, 21 May 2015 13:34:00 GMT
Server: nginx
ETag: "5604-51697989f4200"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 22020

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ 150 KB
52 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79662221b76c3238419b19c709338caa0c7090b8fb3a8bc13b74afce0850304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53024
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 16:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 07:29:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 75 KB
25 KB 203ms
99ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1192a80209183516607fa318434604108d40fb30bdf242db8fcaf5414d76d1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25370
x-xss-protection: 0
server: cafe
etag: 415 / 19468 / 31074032 / config-hash: 13555417812552352376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 04:07:35 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 52ms
7ms Script
application/x-javascript 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=59275
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK svglib.svg
galinfo.com.ua/im/ 15 KB
7 KB 16ms
14ms Other
image/svg+xml 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/im/svglib.svg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 181e4894e26bd71431f20f7a4eb0215b072ce3c8da377f355428589673b70a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2015 07:04:00 GMT
Server: nginx
ETag: W/"557fca60-3d14"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 informers2.css
sinst.fwdcdn.com/css/ 15 KB
2 KB 16ms
6ms Stylesheet
text/css 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303009582,303014487&lang=ua
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 07:03:52 GMT
server: nginx
etag: W/"57469fd8-3d41"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19df3d72d2ceaa912addb2803a221f8717cd18995c07474152b690c366c6898e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 04:07:35 GMT
content-md5: l2aAHLUOVzxuigZdimamyw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: PlXDEjgg00MHumB3dPUqxVVG/EfgIKQnnzN+60bOSNBKXLAXCMGv19TcV9c6WhISIOcsOSAlKYAaa6npM3tfSQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 44d4f51d5d079bb6149007674e4a2504
cross-origin-opener-policy: same-origin-allow-popups
etag: "c125504c87e653d59672c561ee698a1d"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 21 Apr 2023 04:26:49 GMT

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 132 B
423 B 277ms
53ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16827859&s16827292&t0&c1&n189159&w0&y0&d24&r1600
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: b5997bb20f40f5263a30e40e6092953f7bf72e4fbae6860516912ebcbbb243ed

Request headers

Referer: https://galinfo.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 04:07:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK menu.gif
galinfo.com.ua/im/ 76 B
403 B 24ms
18ms Image
image/gif 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/im/menu.gif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/css/gi2.css?ts=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: f8634eb3e45bcbee28dd23d4ab307936f0c9b8f34461c4ee6b5d6a8628ed02b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/css/gi2.css?ts=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Sun, 24 May 2015 14:04:00 GMT
Server: nginx
ETag: "5561da50-4c"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 76
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lwave.gif
galinfo.com.ua/im/ 4 KB
4 KB 24ms
16ms Image
image/gif 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/im/lwave.gif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/css/gi2.css?ts=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: ec1207ba5b2d4677d1061b43e850a59133214d3abfb3de76def67869bf234f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/css/gi2.css?ts=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Sun, 24 May 2015 14:04:00 GMT
Server: nginx
ETag: "5561da50-ecc"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3788
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 39bb1d37-0dc4-467d-8a32-564c3dce6f30.jfif
galinfo.com.ua/media/gallery/intxt/3/9/ 174 KB
174 KB 15ms
15ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/3/9/39bb1d37-0dc4-467d-8a32-564c3dce6f30.jfif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 43b73c0455ab2b75521ba67ce2055c90111cc26f5b0f9fa5061ffd3cffcd2740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Sat, 27 Aug 2022 10:19:52 GMT
Server: nginx
ETag: "2b829-5e7365f0a47f9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 178217

GET
H/1.1 200
OK 301399146_5433902916691164_6203672724375335471_n.jpg
galinfo.com.ua/media/gallery/intxt/3/0/ 440 KB
440 KB 19ms
19ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/3/0/301399146_5433902916691164_6203672724375335471_n.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: ce104d70de62e251914ee15a4eea5dd0dd01f98694b59764b0afaf4d92195cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Fri, 26 Aug 2022 06:19:07 GMT
Server: nginx
ETag: "630865db-6dfdf"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 450527
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 301315718_392293969750354_8224737329601652656_n.jpg
galinfo.com.ua/media/gallery/intxt/3/0/ 344 KB
344 KB 18ms
18ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/3/0/301315718_392293969750354_8224737329601652656_n.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 192cb196d350e464d433b2ca270a58659a172e4d61bbfc0ef74171cf05ac2a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Wed, 24 Aug 2022 07:04:16 GMT
Server: nginx
ETag: "6305cd70-55f21"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 352033
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3841fca7-4c74-461d-8957-7b608877f7d4.jfif
galinfo.com.ua/media/gallery/intxt/3/8/ 417 KB
418 KB 18ms
16ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/3/8/3841fca7-4c74-461d-8957-7b608877f7d4.jfif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 4633d917fd1beb56893962d13ed824c32365486ae2a41aa1d9c9aae88edbda50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 23 Aug 2022 15:48:22 GMT
Server: nginx
ETag: "685dd-5e6ea7e7eeecb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 427485

GET
H/1.1 200
OK 4199bab7-9368-4fa4-821f-4d37c7319fe2.jpg
galinfo.com.ua/media/gallery/intxt/4/1/ 269 KB
270 KB 13ms
12ms Image
image/jpeg 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/media/gallery/intxt/4/1/4199bab7-9368-4fa4-821f-4d37c7319fe2.jpg
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: a2197d6634916d6997631249969512472939aa343382e8e026dc625a7b0d53c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Tue, 09 Aug 2022 09:45:18 GMT
Server: nginx
ETag: "62f22cae-43522"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 275746
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK LiberationSans-Bold-webfont.woff2
galinfo.com.ua/css/fonts/liberation_sans/ 14 KB
14 KB 32ms
12ms Font
application/octet-stream 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/fonts/liberation_sans/LiberationSans-Bold-webfont.woff2
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: c741d8a238ffc69896f04bfdac5be85e1ebeb4c590f5a363028f12e445435176

Request headers

Referer: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 21 May 2015 13:33:00 GMT
Server: nginx
ETag: "37b4-51697950bbb00"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 14260

GET
H/1.1 200
OK LiberationSans-BoldItalic-webfont.woff2
galinfo.com.ua/css/fonts/liberation_sans/ 15 KB
15 KB 46ms
13ms Font
application/octet-stream 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/fonts/liberation_sans/LiberationSans-BoldItalic-webfont.woff2
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: c4613213283a0b3259aad767ce8b234d11183b5a3f4d28c9d67c03bea8e2faed

Request headers

Referer: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 21 May 2015 13:33:00 GMT
Server: nginx
ETag: "3c6c-51697950bbb00"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 15468

GET
H2 200 P5sCzZCDf9_T_10c9CdkiK-u.woff2
fonts.gstatic.com/s/arimo/v27/ 15 KB
15 KB 200ms
115ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sCzZCDf9_T_10c9CdkiK-u.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08ba62ef99cebeb9e44d9728f955fed5d93704f3daad7f294cb469878e68c175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:55:35 GMT
x-content-type-options: nosniff
age: 83520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15624
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:10:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 04:55:35 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 170ms
85ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:25 GMT
x-content-type-options: nosniff
age: 7330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:25 GMT

GET
H2 200 P5sCzZCDf9_T_10c9CNkiA.woff2
fonts.gstatic.com/s/arimo/v27/ 20 KB
20 KB 240ms
155ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sCzZCDf9_T_10c9CNkiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a0c65a5a1136016574709e8be949cade2cee78fb2bbea201636577304ebef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:45 GMT
x-content-type-options: nosniff
age: 266750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20164
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:16:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:45 GMT

GET
H/1.1 200
OK LiberationSans-Italic-webfont.woff2
galinfo.com.ua/css/fonts/liberation_sans/ 15 KB
15 KB 54ms
12ms Font
application/octet-stream 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/css/fonts/liberation_sans/LiberationSans-Italic-webfont.woff2
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 50842b2cee64eacc7c1c1f39e9cceba7a207b1559bdd0d379f18867155308bd6

Request headers

Referer: https://galinfo.com.ua/css/fonts/liberation_sans/stylesheet.css
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Thu, 21 May 2015 13:34:00 GMT
Server: nginx
ETag: "3c54-51697989f4200"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 15444

GET
H2 200 P5sMzZCDf9_T_10dxCF8jA.woff2
fonts.gstatic.com/s/arimo/v27/ 13 KB
13 KB 190ms
124ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10dxCF8jA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6757eb05baeacae26320f55183f3bf0cbb184a9961e163fd9f852b4f1fdf3754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:06:19 GMT
x-content-type-options: nosniff
age: 7276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13192
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:06:19 GMT

GET
H2 200 logo-t1.png
sinst.fwdcdn.com/img/informers/ 1 KB
1 KB 7ms
6ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/logo-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-4d5"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1237
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H2 200 hlc-t1.png
sinst.fwdcdn.com/img/informers/ 181 B
389 B 12ms
11ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/hlc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
x-server-by: sinfe3
last-modified: Wed, 05 Nov 2014 09:28:02 GMT
server: nginx
etag: "5459eda2-b5"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 181
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H2 200 term-t1.png
sinst.fwdcdn.com/img/informers/ 389 B
599 B 8ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/term-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-185"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 389
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H2 200 s-informers.png
sinst.fwdcdn.com/img/informers/ 33 KB
33 KB 7ms
6ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/s-informers.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: b1793edea2c5e9f935b11981c437c4a9ac736fd9d71e9d7fa3ca8e49080581ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-82d9"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 33497
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H2 200 frc-t1.png
sinst.fwdcdn.com/img/informers/ 155 B
364 B 8ms
6ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-9b"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 155
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H2 200 flc-t1.png
sinst.fwdcdn.com/img/informers/ 148 B
357 B 7ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-94"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 148
expires: Sat, 20 Apr 2024 04:07:35 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 307 KB
87 KB 25ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=4e7dd0f8afbff1f7c0dc289a28b88ec4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

485d73d69a0a7931904a67793c47a11db41b0f5f9f200a6f74a2a8cf02550ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://galinfo.com.ua/
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 04:07:35 GMT
content-md5: r/egDKk3URotQwOyFC5nDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88766
x-fb-rlafr: 0
x-fb-debug: UJ8rqwBB+kKIjkgquvU9WNwMnMHlLY6tDpcZHysj6wQmrSuu24oB+hs8uqeDiabeMAcK3jMulMQSzfdQqktfDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 11c56a6f3db5b75e840972e683301cc4
cross-origin-opener-policy: same-origin-allow-popups
etag: "3bdf7a5897def13d5c24b7a7f8501cd1"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 20 Apr 2024 01:42:20 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/ 345 KB
116 KB 182ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2721832832858898&plah=galinfo.com.ua&bust=31074010

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2721832832858898

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98e169b80866fc1e28ddf5bf197e5267bb981a26e1078cbe7b7bb3515c9e4757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118230
x-xss-protection: 0
server: cafe
etag: 4812108735506626197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 04:07:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame A556 10 KB
5 KB 138ms
47ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2721832832858898

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 19:47:38 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 19:47:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clear.gif
i.bigmir.net/ 43 B
185 B 239ms
51ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/clear.gif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 21 Apr 2023 04:07:35 GMT
cache-control: max-age=315360000
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/ 400 KB
124 KB 159ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31074032

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13151
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126857
x-xss-protection: 0
server: cafe
etag: 11988808581808118609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Apr 2024 00:28:24 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 48 B
586 B 190ms
73ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=galinfo.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a176b9693ed364e2e9409e9a4d6005ed1dab13cd5f2ef4b53e3a23a8e4be8677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Fri, 21 Apr 2023 04:07:35 GMT

GET
H2 200 b47.gif
i.bigmir.net/cnt/samples/curl/ 3 KB
3 KB 207ms
51ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/curl/b47.gif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: e6892a98bf105ab73584365a01c2c72b8e5096e6787cab485850f45946b06c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
last-modified: Tue, 23 Jan 2007 13:14:25 GMT
server: nginx
etag: "45b60a31-c2d"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 3117
expires: Mon, 24 Apr 2023 04:07:35 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 409 KB
165 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Origin: https://galinfo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 16:01:09 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f31df3545a3dbd5c6f919c99ecb73f9e1837f1d987917093a68a84f2ac3107a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 389 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbf2a527971cec70abee81dc6c0aefb363a93bce31b5237b13f389fcd489dd82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 399f8348cc63a4853d4ff0536a5e7ec0f3c1e7fb6ab5d837db6ea4858b872f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 121ms
35ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 02:12:35 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6900
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 21 Apr 2023 04:12:35 GMT

GET
H/1.1 200
OK updAjax.php Show response
galinfo.com.ua/apphlp/ 14 B
219 B 51ms
44ms XHR
text/html 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/apphlp/updAjax.php?act=lastNewsIDCheck&nid=1682009400
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx / PHP/7.1.33
Resource Hash: 47a111c4469c22e9b07892210402b1f88e0ec62bf65ede8285e9e93ae30dc14f

Request headers

Accept: */*
Referer: https://galinfo.com.ua/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 14
X-Powered-By: PHP/7.1.33
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK init.htm Show response
galinfo.com.ua/ Frame 1700 255 B
583 B 13ms
13ms Document
text/html 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://galinfo.com.ua/init.htm
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: 6d1559e50a2655d198363e37b18f77316f9db1c4c9ffbf119dac04fda90a1b77

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 255
Content-Type: text/html
Date: Fri, 21 Apr 2023 04:07:35 GMT
ETag: "555dde8c-ff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Keep-Alive: timeout=60
Last-Modified: Thu, 21 May 2015 13:33:00 GMT
Server: nginx

GET
H/1.1 200
OK clock1.gif
galinfo.com.ua/im/ 848 B
1 KB 12ms
11ms Image
image/gif 138.201.125.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galinfo.com.ua/im/clock1.gif
Requested by: Host: galinfo.com.ua
URL: https://galinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.125.15 Erding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv.lviv.fm
Software: nginx /
Resource Hash: dc7d6819491e1b591f223e4355750fc4e6109c410d37329b3435a0344f07293e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:35 GMT
Last-Modified: Sun, 24 May 2015 14:04:00 GMT
Server: nginx
ETag: "5561da50-350"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 848
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-62445c79b3569b5c/ 166 B
325 B 197ms
171ms Script
application/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-62445c79b3569b5c/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-208-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=57, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 398ms
167ms Script
application/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=64420c071670a6da&bkl=0&bl=1&pdt=360&sid=64420c071670a6da&pub=ra-62445c79b3569b5c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=galinfo.com.ua&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%B0%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8%2C%D0%9B%D1%8C%D0%B2%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%8C%D0%B2%D1%96%D0%B2%D1%89%D0%B8%D0%BD%D0%B8&colc=1682050055685&jsl=161&uvs=64420c076fee3808000&skipb=1&callback=addthis.cbs.jsonp__9618060520111340
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-208-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 30c61e1c112a66dbc5162fcc2b1850d56f5bd0a4ad07b1d8ed6b7d788aaaa254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame DE80 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 2945 71 KB
26 KB 12ms
11ms Document
text/html 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 21 Apr 2023 04:07:35 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2

200

/
www.facebook.com/login/ Frame 3016
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?app_id=446910398671900&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31d2a835d8abb4%26domain%3Dgali...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D446910398671900%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_ar...

0
0

94ms
93ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D446910398671900%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31d2a835d8abb4%2526domain%253Dgalinfo.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fgalinfo.com.ua%25252Ff14895717e0338%2526relation%253Dparent.parent%26container_width%3D302%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgalinfo%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=4e7dd0f8afbff1f7c0dc289a28b88ec4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 21 Apr 2023 04:07:35 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: L1BqXgtXHAPNrf5JG7RtEv1AUbnJWMJyxDTevz2Zohc4FqFJl6ZNK22nWB3RmLvdlv2M3TizhrlH2b9gYbCzfg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:35 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D446910398671900%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31d2a835d8abb4%2526domain%253Dgalinfo.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fgalinfo.com.ua%25252Ff14895717e0338%2526relation%253Dparent.parent%26container_width%3D302%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgalinfo%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26width%3D300
origin-agent-cluster: ?0
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 1w75OgeIiabjAEbQnXubDQCvLzFcxTh8ab5crvOA+qusCpt+6r4p7Wo3q+kIVD/jBOWQZesUC+SMZH5d+QNN3Q==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
606 B 153ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=galinfo.com.ua&callback=_gfp_s_&client=ca-pub-2721832832858898

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2721832832858898&plah=galinfo.com.ua&bust=31074010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f12e88ee7536d5644c0edf1b80706fdb05f13d0dd8e0092cb2c233c5a2646ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 148ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=galinfo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 147ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galinfo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=theader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24B5 0
179 B 125ms
124ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&adk=1812271804&adf=3025194257&lmt=1682050055&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_r&format=0x0&url=https%3A%2F%2Fgalinfo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055398&bpp=6&bdt=633&idt=429&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5572522236455&frm=20&pv=2&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=505

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:35 GMT
expires: Fri, 21 Apr 2023 04:07:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 51ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-07KYN930YR&gtm=45je34j0&_p=557425921&cid=2017061216.1682050056&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682050055&sct=1&seg=0&dl=https%3A%2F%2Fgalinfo.com.ua%2F&dt=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07KYN930YR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://galinfo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963079464/ 3 KB
2 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963079464/?random=1682050055944&cv=11&fst=1682050055944&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&auid=1828768177.1682050056&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07KYN930YR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f18c863ebe8dbe06f1094fb9614975fa14531b04abfa8768986038ca1884a5e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/963079464/ 3 KB
2 KB 146ms
49ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/963079464/?random=1682050055962&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=UrDaCMTm-_cDEKjancsD&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&auid=1828768177.1682050056&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07KYN930YR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

23909d14e55fe82963b2caf9c9204b97f055a7eb029c86004961a873135f0640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B55 96 KB
34 KB 324ms
324ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=2703587759&adk=104936592&adf=1336954295&pi=t.ma~as.2703587759&w=302&fwrn=4&fwrnh=100&lmt=1682050055&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055404&bpp=9&bdt=639&idt=579&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=n974dGApye&p=https%3A//galinfo.com.ua&dtd=586

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de323302440b7a729283be97e9d83aac3f64c5943f8eb6dc7073f745a062abdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:36 GMT
expires: Fri, 21 Apr 2023 04:07:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1692795058&utmhn=galinfo.com.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058&slf_rd=1&random=2926182480

42 B
408 B

51ms
49ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058&slf_rd=1&random=2926182480

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17260192-1&cid=2017061216.1682050056&jid=603664356&_v=5.7.2&z=1692795058&slf_rd=1&random=2926182480
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7297 48 KB
27 KB 102ms
102ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y&co=aHR0cHM6Ly9nYWxpbmZvLmNvbS51YTo0NDM.&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=5n4ybdtvznny

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32a09f8f2cc1011c236ff26f936e2d59e45c41e08bd602a9d8dd5e87aea407a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pq-mJEoQi0p4-ZrLBAB11Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26740
content-security-policy: script-src 'report-sample' 'nonce-pq-mJEoQi0p4-ZrLBAB11Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B257 26 KB
11 KB 271ms
270ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afec1e8e932572d506f285b88455cb2a54c636001ba28fcb61da3ef9fd0725bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11745
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:36 GMT
expires: Fri, 21 Apr 2023 04:07:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/963079464/ 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963079464/?random=1682050055944&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3135299716&rmt_tld=0&ipr=y

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963079464/ 42 B
154 B 135ms
50ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963079464/?random=1682050055944&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3135299716&rmt_tld=1&ipr=y

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/963079464/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgali...
https://www.google.com/pagead/1p-conversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=U...
https://www.google.de/pagead/1p-conversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=Ur...

42 B
108 B

56ms
55ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=UrDaCMTm-_cDEKjancsD&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&auid=1828768177.1682050056&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RpR3FkZC1Samc2by1FcDdWZXQ4LUxFdXRUX2ZXd21kUm1DLWk2T0hwQTBoUFEaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlLUEpxMlp0MDFlSkJ4Yl9CS0wyUTJyTC12dlFXdEhyTnotN1hzb3J0b3lkRXYxenZZbjNJb3NXUQ&is_vtc=1&ocp_id=CAxCZP6kBOnc7_UP18iSwAQ&cid=CAQSKQBygQiDcOn3UtcF-6_ghbWr217OYidPcwaEfKAlFHYH1MkxUl1K_Pdi&random=3930507371&ipr=y&prhg=0

Requested by

Host: galinfo.com.ua
URL: https://galinfo.com.ua/

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/963079464/?random=1749180087&cv=11&fst=1682050055962&bg=ffffff&guid=ON&async=1&gtm=45je34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgalinfo.com.ua%2F&label=UrDaCMTm-_cDEKjancsD&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%B0%D0%BB-%D0%86%D0%BD%D1%84%D0%BE%20-%20%D0%90%D0%B3%D0%B5%D0%BD%D1%86%D1%96%D1%8F%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%97%20%D1%82%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8.%20%D0%9B%D1%8C%D0%B2%D1%96&auid=1828768177.1682050056&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1XRG9nWVF1TW1LcWNhVmlaMHNFaVlBLXZ0Q2RpR3FkZC1Samc2by1FcDdWZXQ4LUxFdXRUX2ZXd21kUm1DLWk2T0hwQTBoUFEaWkNoRUk4TVdEb2dZUXdJQ0M5N21pZ09YVEFSSXVBT2IyZTlLUEpxMlp0MDFlSkJ4Yl9CS0wyUTJyTC12dlFXdEhyTnotN1hzb3J0b3lkRXYxenZZbjNJb3NXUQ&is_vtc=1&ocp_id=CAxCZP6kBOnc7_UP18iSwAQ&cid=CAQSKQBygQiDcOn3UtcF-6_ghbWr217OYidPcwaEfKAlFHYH1MkxUl1K_Pdi&random=3930507371&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 7297 55 KB
24 KB 108ms
36ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y&co=aHR0cHM6Ly9nYWxpbmZvLmNvbS51YTo0NDM.&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=5n4ybdtvznny

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 22:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 22:52:10 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 7297 409 KB
164 KB 126ms
54ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 16:01:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5B55 6 KB
765 B 47ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=2703587759&adk=104936592&adf=1336954295&pi=t.ma~as.2703587759&w=302&fwrn=4&fwrnh=100&lmt=1682050055&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055404&bpp=9&bdt=639&idt=579&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=n974dGApye&p=https%3A//galinfo.com.ua&dtd=586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 04:00:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 04:07:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5B55 2 KB
847 B 156ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:53:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5B55 0
0 88ms
85ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjRenCAxCZIfJAoq_7gT8lLzoBtznlvBvnuzU5IYRpYX-geIYEAEg8YrjHWDVBaAB07H5yAPIAQmpArhJv7UzZ7I-qAMByAPLBKoE7gFP0Gcxben93VqL9m_EsEaky8Oyfk3pnHDlE8oF0UbuJEoI04eX0xsjjp27pzdwQq9F_bL_st-cEpZdL661-7rhEcq5gGkdRbPxtwrHUOdSROFW71rGN925JCa2i5MYCw-9IGQwR0EI9MYiZRsYeVx9VtVlFF23t7EA5nfynneWs_YDfuqI3X06JZWQHkavbhEgnbceKD_ElrsnHnOIsiUGYbNFFF4HDkX13aj1MzRem9j1ofPqmiLQ92WYEDTQDTST16pe67sEmN73Vzn-bGvnts6hmrhqAS4Gl5daHSdDLMHkhDqJ4yfk9PuPdNqRwATR37zMowSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHrcGwkAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCQNdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTCogUAtAVAYAXAbIXHAoaCAASFHB1Yi0yNzIxODMyODMyODU4ODk4GAA&sigh=r4kQGiRoZYg&uach_m=[UACH]&cid=CAQSGwBygQiDuZ4a66S1CPXkmsQBNYW45RQXrnaVQhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=2703587759&adk=104936592&adf=1336954295&pi=t.ma~as.2703587759&w=302&fwrn=4&fwrnh=100&lmt=1682050055&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055404&bpp=9&bdt=639&idt=579&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=n974dGApye&p=https%3A//galinfo.com.ua&dtd=586
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 04:07:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 5B55 21 KB
9 KB 150ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:48:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5B55 3 KB
1 KB 154ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5B55 19 KB
8 KB 274ms
161ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 04:07:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B55 159 KB
49 KB 66ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 04:07:36 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 5B55 32 KB
13 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5019376751490513303/ Frame 5B55 9 KB
9 KB 151ms
43ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5019376751490513303/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2796cd37beedd8a0a5d2234ba5aa8ee7b9d3ee3422d76312d83909752dc0cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:58:20 GMT
x-content-type-options: nosniff
age: 234556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8864
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 04:30:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Apr 2024 10:58:20 GMT

GET
DATA 200
OK truncated
/ Frame 5B55 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame B257 3 KB
1 KB 83ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame B257 19 KB
8 KB 268ms
229ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 04:07:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B257 0
0 54ms
45ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT80nenYffwpJjUjmM_6BlF9RGudOV5ASNngDOfsiHWxciIXwvS40Lx_QnvQtmrgwlgjsVkpG0O3DLpUMKvSkAvAlr9dA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B257 159 KB
49 KB 57ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 04:07:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B257 0
0 95ms
85ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1opiCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTnAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxgGo8tEQWIFnOhJUokaUAdfaIpoCm2v97yKqewBBdZXeuBsUK_jcIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjcyMTgzMjgzMjg1ODg5OBgA&sigh=QzXVEUuG_-o&uach_m=[UACH]&cid=CAQSKQBygQiDrWgLsDdk7i_MYkP7x8nEXFJfwgQow-mZPH-4nmvkKTnXK5YTGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 04:07:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B257 0
0 81ms
22ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hna0khkqspa0rj3nw674w9kv659b43j9nw2vjh587qwbkhzj20451m2s14206eb9nssmfqbx0nhd4py8s87jmtp3b030dajgwkyrt2gc3j4tns89v9nvjf8ec5xhfjt6mn0fn96q7t29mt16jz1k3f0c66d5q2n0bx87erv13e613npd7ftdkmd2fdbpfkvy0cnt5mjhwv0syy1vaj07w9sx8gtg1ajmwnssfkj1ghfvktjtzttsheec9myehbktr13qtz2gnxa4s958ycb66590krje7tmjndn0nv4s81sjvbemney9pbjc3hw09dzkvjhkg77cwgwfshaacf9qnzbq5jvydd01w993tr0rzsf4ymea3nshq6n1rbthd92td9zsmtzarzjf2g&b=ZEIMCAACuIEKmuFQAAeDfCWyvwSF79XtcCTVRQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 04:07:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 136A 2 KB
3 KB 83ms
40ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g5sahzpam8kg2nrr5re77dyj7gq5fmajmnb828arsa6mhm9akdd6w8r5t96af9xqwdrj8qgqgaepkbv08gpbzgxydntwzz0skzzwzkkcp1pm6y8pjyppd80vnkv5952qgmdgn7ym4fq2frcs3tjpmw1jhm2qqwcx65pvhmqa4nf1er4b2dmd13rxt8gpb7sby8t4vvj5rjdakfwn5d375385s27k5wmm41y4xq7fdregd4a8ac4yc32yaaa9xs5ff1zf8hvtn05jg8bd8c8vec3m4gy5y74nygzyyrw9pcgv60g1jah625vyybrarwrehzw8v5t33stphsp62qqkzexd05k9143d0ndbny84wazatmedbaygvevqexsd37aw8qmgwsqw7ytx4d1xvafse8bxenjzbwa020x3cqp6j7y6yxev28kkh7sayh01s5qgv3xdydhmm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%26client%3Dca-pub-2721832832858898%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c57b6c2fb92ee67b08c883b8b599b277816d901aa6537726e62c4526434156

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bb2c2d51f339046-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:36 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F091 1 KB
643 B 131ms
123ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:36 GMT
etag: 48472445140208031
expires: Sat, 22 Apr 2023 04:07:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7297 102 B
134 B 47ms
47ms Other
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93df7036a797945783d64cc7cc90a3431ea14ad9e1886349addc7fb9d46296a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y&co=aHR0cHM6Ly9nYWxpbmZvLmNvbS51YTo0NDM.&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=5n4ybdtvznny
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 04:07:36 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 136A 94 KB
12 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5sahzpam8kg2nrr5re77dyj7gq5fmajmnb828arsa6mhm9akdd6w8r5t96af9xqwdrj8qgqgaepkbv08gpbzgxydntwzz0skzzwzkkcp1pm6y8pjyppd80vnkv5952qgmdgn7ym4fq2frcs3tjpmw1jhm2qqwcx65pvhmqa4nf1er4b2dmd13rxt8gpb7sby8t4vvj5rjdakfwn5d375385s27k5wmm41y4xq7fdregd4a8ac4yc32yaaa9xs5ff1zf8hvtn05jg8bd8c8vec3m4gy5y74nygzyyrw9pcgv60g1jah625vyybrarwrehzw8v5t33stphsp62qqkzexd05k9143d0ndbny84wazatmedbaygvevqexsd37aw8qmgwsqw7ytx4d1xvafse8bxenjzbwa020x3cqp6j7y6yxev28kkh7sayh01s5qgv3xdydhmm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%26client%3Dca-pub-2721832832858898%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g5sahzpam8kg2nrr5re77dyj7gq5fmajmnb828arsa6mhm9akdd6w8r5t96af9xqwdrj8qgqgaepkbv08gpbzgxydntwzz0skzzwzkkcp1pm6y8pjyppd80vnkv5952qgmdgn7ym4fq2frcs3tjpmw1jhm2qqwcx65pvhmqa4nf1er4b2dmd13rxt8gpb7sby8t4vvj5rjdakfwn5d375385s27k5wmm41y4xq7fdregd4a8ac4yc32yaaa9xs5ff1zf8hvtn05jg8bd8c8vec3m4gy5y74nygzyyrw9pcgv60g1jah625vyybrarwrehzw8v5t33stphsp62qqkzexd05k9143d0ndbny84wazatmedbaygvevqexsd37aw8qmgwsqw7ytx4d1xvafse8bxenjzbwa020x3cqp6j7y6yxev28kkh7sayh01s5qgv3xdydhmm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%26client%3Dca-pub-2721832832858898%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 838975
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl4sobv%2B%2BglvkktMlgLipe%2FytnvQWLdOvGS93WIK1gbPR8JkcuE9WQBXvfNhHMmmRdr5%2BhfmptI5m4fiT6Z6ycyb71%2BwOztCsNb1ktncj4oB%2BAVQVAz1ZNrpebpGjFL%2F4PMz7MH6%2FAc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bb2c2d5af8b9046-FRA
expires: Fri, 21 Apr 2023 05:07:36 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 136A 25 KB
10 KB 47ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5sahzpam8kg2nrr5re77dyj7gq5fmajmnb828arsa6mhm9akdd6w8r5t96af9xqwdrj8qgqgaepkbv08gpbzgxydntwzz0skzzwzkkcp1pm6y8pjyppd80vnkv5952qgmdgn7ym4fq2frcs3tjpmw1jhm2qqwcx65pvhmqa4nf1er4b2dmd13rxt8gpb7sby8t4vvj5rjdakfwn5d375385s27k5wmm41y4xq7fdregd4a8ac4yc32yaaa9xs5ff1zf8hvtn05jg8bd8c8vec3m4gy5y74nygzyyrw9pcgv60g1jah625vyybrarwrehzw8v5t33stphsp62qqkzexd05k9143d0ndbny84wazatmedbaygvevqexsd37aw8qmgwsqw7ytx4d1xvafse8bxenjzbwa020x3cqp6j7y6yxev28kkh7sayh01s5qgv3xdydhmm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%26client%3Dca-pub-2721832832858898%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 120651
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wxp2wlCnjDiHqTHFIEZyGZVOum1xp4o8lwv4Z22MajS3eJTfuQLm4aw9OC%2BbQq6OJo0EHlYevxkSx0Z4RI3G63%2FvDWACloOmykoEnPyNoIB9htddCRQaSF%2BBydIMyYqnhaLjLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7bb2c2d5d8019046-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Apr 2023 13:45:45 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F091
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFR3zzkWQOJyIuWqhS_UeJE&google_cver=1&google_push=Aer7DvJ6CxZHN1veN91h09T_NOgLKOtYXRV_bf6o1j9EKObiZjN9uo7x8Fj5VqStYYxmeybfBNHE1b5_Use6iOE2MyrHJKBvbAnaO-Q
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1OTM2NTY5NjE5NzU1NDYxOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFR3zzkWQOJyIuWqhS_UeJE&google_cver=1

43 B
398 B

86ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFR3zzkWQOJyIuWqhS_UeJE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFR3zzkWQOJyIuWqhS_UeJE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F091
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMNAbxuWtnDe2toBL3edBS8&google_cver=1&google_push=Aer7DvK0ULCXUJPxYtt11d2-ePdmewm5LWFBHhmh-Kz0bob0CttujGyizcQlp90sCMr9Kt2iEzKW9bcPaQAPj0SLbBdeoIA41bX8r18
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CAE017DD0E84686B4A2F601FFAE64A1&google_push=Aer7DvK0ULCXUJPxYtt11d2-ePdmewm5LWFBHhmh-Kz0bob0CttujGyizcQlp90sCMr9Kt2iEzKW9bcPaQAPj0S...

170 B
329 B

47ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CAE017DD0E84686B4A2F601FFAE64A1&google_push=Aer7DvK0ULCXUJPxYtt11d2-ePdmewm5LWFBHhmh-Kz0bob0CttujGyizcQlp90sCMr9Kt2iEzKW9bcPaQAPj0SLbBdeoIA41bX8r18

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 04:07:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CAE017DD0E84686B4A2F601FFAE64A1&google_push=Aer7DvK0ULCXUJPxYtt11d2-ePdmewm5LWFBHhmh-Kz0bob0CttujGyizcQlp90sCMr9Kt2iEzKW9bcPaQAPj0SLbBdeoIA41bX8r18
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Apr 2023 04:07:36 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F091 70 B
265 B 116ms
29ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFHgIKry9patWmQrx_ibcX0&google_cver=1&google_push=Aer7DvJti_lln_Upz_Z7ELwSsbexRckW-UFm3rLYFeEnWMT206bRDzZ5bOzqJ_CNVYgokCY09gJbFLX4PuvC3Tgt6grQ9jCVN7o5lw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F091
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMHkGBf5gjXCXcyenE__otc&google_cver=1&google_push=Aer7DvI5N2QjxIQCx4lBZKna4OKvacprhVjVf2We826RFT3Ggui0RB_0MRGNPFpKTIPkQlH7rS5A0PKOFCV...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvI5N2QjxIQCx4lBZKna4OKvacprhVjVf2We826RFT3Ggui0RB_0MRGNPFpKTIPkQlH7rS5A0PKOFCVhDXn2xEmGr-kJH2QF7Ak&google_hm=K63aqF1TT8a5_Z9bv...

170 B
232 B

47ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvI5N2QjxIQCx4lBZKna4OKvacprhVjVf2We826RFT3Ggui0RB_0MRGNPFpKTIPkQlH7rS5A0PKOFCVhDXn2xEmGr-kJH2QF7Ak&google_hm=K63aqF1TT8a5_Z9bv8zdArg

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvI5N2QjxIQCx4lBZKna4OKvacprhVjVf2We826RFT3Ggui0RB_0MRGNPFpKTIPkQlH7rS5A0PKOFCVhDXn2xEmGr-kJH2QF7Ak&google_hm=K63aqF1TT8a5_Z9bv8zdArg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F091
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFX4Xa7G4uKQJxCuSMpTq8w&google_cver=1&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ-l...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFX4Xa7G4uKQJxCuSMpTq8w&google_cver=1&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ-lOolT8JrE

170 B
232 B

47ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ-lOolT8JrE

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIijlsSVQAvmMQ4KsYDSIyjXgKtz81Eq12eANOrIB5-CJoQlZ7PSJNWQFl-5Ke0nWtOQh1ZNegWeeTcUnkd8nKwQ-lOolT8JrE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame F091 42 B
213 B 78ms
20ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJs1tSm-y6cmbce6doFZFQw&google_push=Aer7DvLiCSLcoBIg639Ajjy8O0jU96A8D7rrkR_GpsnJ6OON8B5IPCo87z4BPJTpNF9is9-MBagy3MWDpiZCuayMCUk7pgbqcwL5-pY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2721832832858898&output=html&h=250&slotname=9843711176&adk=2042794722&adf=2930850573&pi=t.ma~as.9843711176&w=302&fwrn=4&fwrnh=100&lmt=1682050056&rafmt=1&format=302x250&url=https%3A%2F%2Fgalinfo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682050055413&bpp=2&bdt=648&idt=724&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=1&correlator=5572522236455&frm=20&pv=1&ga_vid=2017061216.1682050056&ga_sid=1682050056&ga_hid=557425921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073974%2C31074010%2C44786918&oid=2&pvsid=4429459819836621&tmod=569407256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FjxivTN4YO&p=https%3A//galinfo.com.ua&dtd=729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F091
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEElg4CrnPULT0i1wR6rhw48&google_cver=1&google_push=Aer7DvIOicGn-5-GwpHUHTEoznOx10KVUJaA6qcUdREKC2qsXAU9PBP25tOLrSQuVNmwMcLqoINTRlBLZ3md...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIOicGn-5-GwpHUHTEoznOx10KVUJaA6qcUdREKC2qsXAU9PBP25tOLrSQuVNmwMcLqoINTRlBLZ3mdzK1iGLuL0gAGl8tHLQ

170 B
232 B

46ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIOicGn-5-GwpHUHTEoznOx10KVUJaA6qcUdREKC2qsXAU9PBP25tOLrSQuVNmwMcLqoINTRlBLZ3mdzK1iGLuL0gAGl8tHLQ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:07:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIOicGn-5-GwpHUHTEoznOx10KVUJaA6qcUdREKC2qsXAU9PBP25tOLrSQuVNmwMcLqoINTRlBLZ3mdzK1iGLuL0gAGl8tHLQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F091 0
139 B 156ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPvKqhHBkiqRSAA7B0GxXueWTqPqKC2TEAGZFCskEOGIFp8aA5UD8eTuDFRhNKa4uvKMYr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame BC5D 7 KB
1 KB 54ms
53ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f528486c73ee1a34efc9dd4c1dbc46f7c42e6989d8d42fb4450aa425248dc367

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wtdPc16RnJbk4mdUsUw8pQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1140
content-security-policy: script-src 'report-sample' 'nonce-wtdPc16RnJbk4mdUsUw8pQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 136A 3 KB
4 KB 56ms
15ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1048
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yn1OESkvPWBuhN10gwdbYmV5%2FpPT7aVVqKDsYpDNz3QKjK3y1j%2BJJJybeFPQikbJksgTPSvDy5srlY95G9GvFzGA5FcWrMT9WhXwDjadiKBEvBYV%2FOQ76JTVxJ1zK2mlcADSIU2kdaSfbuBIRuHnAKtW"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7bb2c2d83ac63a74-FRA
expires: Fri, 21 Apr 2023 04:06:33 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame BC5D 55 KB
24 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 22:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 22:52:10 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame BC5D 409 KB
164 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 16:01:09 GMT

GET
DATA 200
OK truncated
/ Frame B257 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66ef3c083dd38d0796de7bf4077f78792c6dc09425fcfbe44c1068826021ef70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5B55 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03795ffd1d938c99f24409e1661849aebe9de9f268460d081b4d37441613094

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2B5C 2 KB
1 KB 26ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1333872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7bb2c2d85ebe3a60-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 04:07:37 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3A9Y9lJuSNAzNkBYvlrkWQ6tcFsmH2xEvuX%2Fb8KRCxiv9abZK8zrghWvQB9JPRJ7J8%2FGmodH4kylueTVWA3qxi6StRyQv4GjTq8K%2FXbeOPur%2Ft7o5II6kJAiF1VXp2ib4DqPrE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B55 15 KB
16 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 30750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B55 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 93765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 50DD 36 KB
14 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:46:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 89ms
87ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4deec9c99e55fd0bea6b8eea60101b4eac3aa6a49e1236cbcf2ed6eb906c266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11243
x-xss-protection: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame BC5D 40 KB
24 KB 86ms
85ms XHR
application/json 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d67e846c97a3050147a08dd5ac39f4c02688c756ed6f059285b1521ce9eed82b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24735
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 04:07:37 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 53ms
34ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bb2c2d94b89bbdf-FRA
content-length: 24
content-type: text/plain
date: Fri, 21 Apr 2023 04:07:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nES8Q38yjKPTH6%2Bdk37fsab8nphrI%2B35f92IrgxVB%2FpilpBii1GByHnFHCaffvomwt5zSu6o2B7cX2cFb7EYsvrWYwcaRARR7DgY%2FCUm4Y%2BkGc%2Bh7dvMs%2FUfSjBR8djVlsywx4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-pvdv

POST
H3 200 rs Show response
ad4m.at/ Frame 136A 2 KB
2 KB 43ms
43ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5005553c47615ebfb9acabfcb1f29cf1891373d69894b9774276505248a3b3ea

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBem8Iz453xKqY89p0NEtjMBoXw4Y%2BJVWO76gekKYUX%2Bx0eWVhe5KnpIHqU2LxeMB6D0QKZ2KiNfo5bQ5F4pS%2B6oyHsUwVtcUt6OMvkksMGuLF5p7eh5VOhhZh1xpZmhp%2FRRxbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7bb2c2d97bdbbbdf-FRA
x-backend-server: aa-reachservice-group-europe-west1-pvdv
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 04:07:37 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame BC5D 600 B
624 B 37ms
36ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:19 GMT
x-content-type-options: nosniff
age: 180378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 26 Apr 2023 02:01:19 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame BC5D 530 B
554 B 39ms
37ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:19 GMT
x-content-type-options: nosniff
age: 180378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 26 Apr 2023 02:01:19 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame BC5D 665 B
689 B 39ms
38ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 266786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 25 Apr 2023 02:01:11 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BC5D 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:13:19 GMT
x-content-type-options: nosniff
age: 60858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 11:13:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BC5D 15 KB
15 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 7334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BC5D 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:09:16 GMT
x-content-type-options: nosniff
age: 151101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 10:09:16 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame BC5D 56 KB
56 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AKH6MREAyfQgem70QuEO7CGmzVaxke8nGyIyz4CgQ2gh5fLWcusaNAk0N5ZIwkf7CElfsQH8yTErmKaCFyuMYw4IVsVZ3uZ15B5mcBpCnRwqIl3CTa1HQ21bJDFY-iquKpT_y0GX5z-Qa18B-dwDaWQY3KXNnKVn3S97tckayXSobJJJaBDkwqsDsFqXxuiaiFj42rEkd-JqGOSK1IJOyu9w4Ael1XtpdA&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8b1dbd650e1f6ffe7c3eb10ceac2e8c4cefa5ba22923030a41b41ddb3af40e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeBk30UAAAAAPwTjmDq-rrav73t8cfYD0Y2so1y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57649
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 04:07:37 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E073 11 KB
5 KB 38ms
38ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e379fe08a9d021535d9a2b83d58906760f0dbed37f4ae3d76c1b19fea9038bc2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g5sahzpam8kg2nrr5re77dyj7gq5fmajmnb828arsa6mhm9akdd6w8r5t96af9xqwdrj8qgqgaepkbv08gpbzgxydntwzz0skzzwzkkcp1pm6y8pjyppd80vnkv5952qgmdgn7ym4fq2frcs3tjpmw1jhm2qqwcx65pvhmqa4nf1er4b2dmd13rxt8gpb7sby8t4vvj5rjdakfwn5d375385s27k5wmm41y4xq7fdregd4a8ac4yc32yaaa9xs5ff1zf8hvtn05jg8bd8c8vec3m4gy5y74nygzyyrw9pcgv60g1jah625vyybrarwrehzw8v5t33stphsp62qqkzexd05k9143d0ndbny84wazatmedbaygvevqexsd37aw8qmgwsqw7ytx4d1xvafse8bxenjzbwa020x3cqp6j7y6yxev28kkh7sayh01s5qgv3xdydhmm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%26client%3Dca-pub-2721832832858898%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bb2c2da58b23a60-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BAE8 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 19:25:48 GMT
expires: Fri, 19 Apr 2024 19:25:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9ED3 783 B
535 B 87ms
87ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f24c7c546d6e67f734f490da2a185969cfb9cb1bd3dd1523172494858b8a2840

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TTQ4EHH9jKCwecE69h4Olg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://galinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-TTQ4EHH9jKCwecE69h4Olg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:07:37 GMT
expires: Fri, 21 Apr 2023 04:07:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame E073 94 KB
12 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 838976
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMTVgKMxzAkZW%2BeNlxSQn6kz28D5T6LdzsIRa6%2FuElGvWQhevFxhCSzNa4odlZ8L%2B1e8gDeykS6kHbT8RS5%2F9OAQNsVrQuvBBOCc1rSEw%2BSBkq7e0QBntxEAp6kt7tMpK9cnXX35kRo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bb2c2dab9073a60-FRA
expires: Fri, 21 Apr 2023 05:07:37 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame E073 2 KB
3 KB 46ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 976663
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BGebwGbLb%2FS5L%2B7zcIlr2UxbGdPUR70hAxGD1tJ9jt6XgA4QlzloFKHX9vaTwD9kpSZsaIx2FCLmuhEvcdYmEDMdjG%2F1R5J6B8vAh%2Bv%2FTbIEf5D%2FPFj8EBS6DBBrhuN60QRgdm9gZtydBhY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb2c2dadb659046-FRA
expires: Sat, 22 Apr 2023 04:07:37 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame E073 496 KB
497 KB 42ms
23ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045
cf-polished: origSize=563367, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 508355
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jipBJOCsUuEbJoIbx5BStK1OaL3Ru3RlgOoKIPUF5a9rcQROCk4P7pYYans%2B78%2F%2BEYNE2ek70hIIq4%2Bg1Um5qd3ObaZa6RbgX7%2FwwHlgKcFGkAY%2FUkIbei23w%2B7kL1%2Fbc2mjQk3y7K5LXapN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb2c2dadb679046-FRA
expires: Sat, 22 Apr 2023 04:07:37 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E073 43 B
702 B 99ms
60ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 04:07:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E073 53 KB
54 KB 41ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1413144
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FjticJHEsiHyWfuY%2BqayDAZApoSvCNUffjMElrUxVB5EGB2cSg4BrfUKGrbkbxJRP4J1uTMXyZIrWKRnS%2FvTpEopAbruedTf3%2BV5GuMtcilTNoNlgZnRZMuqU8EZfdVAWe5JlOZJ7Dr3f0v"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb2c2dadb649046-FRA
expires: Sat, 22 Apr 2023 04:07:37 GMT

GET
H2 200 1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
assets.ad4m.at/product_image/ Frame E073 21 KB
22 KB 41ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2013148
cf-polished: qual=85, origFmt=jpeg, origSize=60655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21982
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Dec 2020 13:58:13 GMT
server: cloudflare
etag: "39d52f1648dac315ebcc9c4fa4ed5728"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYnkCtE6n32qe6911bownCHt2%2BdLq5O7PXOdgQBCWY3DUW7IAqy8YgPG37Yb1moNlMMHZmaCHHWn53wBVoVxxgXqlsew7th%2Ff6XJlV5egdflUonC%2FzOa%2FL7o%2Bxh%2Fo2J77n0mqM113W%2FBEsr8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb2c2dadb639046-FRA
expires: Sat, 22 Apr 2023 04:07:37 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame E073
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN2TsOGMuv4CFbyh_QcdgVkKeQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite...

49 B
1 KB

96ms
35ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:07:37 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
date: Fri, 21 Apr 2023 04:07:37 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame E073 5 KB
5 KB 32ms
14ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 717950
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzaJLjgS9qsK48unsys%2Bxe2FQfzjecNz3ljw9XOLZLcW%2BkwX%2BqVC7hOR2QPg4oeWzBzIBHhA7D6%2F397qapOyZOQ%2BjCKcRhQvUS3bQhiiLRrZEofNSmLNSdKF0absrOHo1AqWUJUYUdJxC%2Bgx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb2c2dadb609046-FRA
expires: Sat, 22 Apr 2023 04:07:37 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame E073 54 KB
55 KB 33ms
15ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1113433
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXKJyMAMAXW0pDpsPAIzzirguG55tbzcuObDUYV6Er5OX8nFF0GKJnB5ATvOGz5QnXpWUMpJbzNwzITaYrYF0QGfga%2FzIC1ou%2F12RpT63mJM6ESeh3IB9RljGILrYvXy57IVV3V1Jske1sH7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb2c2dadb629046-FRA
expires: Sat, 22 Apr 2023 04:07:37 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame E073 2 KB
2 KB 140ms
60ms Script
text/html 35.179.69.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k53x9vss23dmfda7z44jt7pjj1eemj03m6rcm76fdjcwk4km66k37fr6rtxycftj011q1nas43mpjkc8q64nc1tftam3at9tv8exw2ndxxdy9pd5ebkf4z6g0xkgh8fspxq519xwnd163vzg5qtxtt2mzc7mkkkeqemkq8qnrctdkv532h4zm3ghr9ywms0arnp2pcwbkcak95504zcha3zkfycq62mg0s68xqggsteqzwtcyn32qs2y5czt7r6hg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%252526client%25253Dca-pub-2721832832858898%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.69.18 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-69-18.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2285c072150f39ada8bc23c1c5023265f4ad02f7062d99d05ce4f107ebeb3802

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
last-modified: Fri, 21 Apr 2023 04:07:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 21 Apr 2023 04:08:37 GMT

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame BAE8 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:46:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9ED3 0
0 74ms
73ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=4429459819836621&rc=05ALnTWt6hSdzUnJr9hYYhVT-Diq1pjwbnhbQizS4PLiIS6uX6gdNDVuy53YbdOFPuh2pF_rStrd3g8wMXvz3ZiQZZjDfrQZLs_Ve5igt9YUtR_UlkqPc8tUtuYKMBp28TiK6sBB0PxHizMNww6EmpJgNiAhSz7MWSrFfMj5pEZ0PkxqhEhpT2-fo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BAE8 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jiJarg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:07:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E073 85 KB
31 KB 92ms
7ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k53x9vss23dmfda7z44jt7pjj1eemj03m6rcm76fdjcwk4km66k37fr6rtxycftj011q1nas43mpjkc8q64nc1tftam3at9tv8exw2ndxxdy9pd5ebkf4z6g0xkgh8fspxq519xwnd163vzg5qtxtt2mzc7mkkkeqemkq8qnrctdkv532h4zm3ghr9ywms0arnp2pcwbkcak95504zcha3zkfycq62mg0s68xqggsteqzwtcyn32qs2y5czt7r6hg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%252526client%25253Dca-pub-2721832832858898%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 10:19:46 GMT
content-encoding: gzip
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 64072
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: L70i0bhldx_CxUMYi65m8AxOO4aqSJVpj-kF7Nrfa-KaEAXvaE1Bgw==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame E073 15 KB
15 KB 48ms
8ms Image
image/png 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1682050357&Signature=mUYz6PkyoQNFikT8DVU-UCv5QnRQLtSuVrRF3D7bBZR1AvFrOdxhBIw9Fn8cGaQJUT~-5XkONPSg76V~sV-9nsnWTZvfumHbE44TAN-qMAr-U424LYGvole1pElGAmb7lg1E-NEBkOy7HyAulNEomxDh0veQ2sKxgg-XvBgyRzA3QCYu-LgqKdjvDilEPM4vIWmnUs3MJ7OtifBaBWQaLHkGgzYm9uS4hnp3NdZ7ZTA~fCL4X~PZsXdq~Z93thVFzIF0WsODfByCi6w-nyvfxPndivVHwgXv96B6J4~BiqqidBIEHIdekN4B6r4TE6DketxI2~mm7H9aTaiuRSdOjw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 20 Apr 2023 11:08:29 GMT
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 61149
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: TMyWkI_SYL9FRI5mcF_W5Fa4Bp0S_UBbSkXO8n2aI-uhsmxG3XmGoQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=4429459819836621&bg=!pKelp_PNAAYfNdXmPzU7ADkAdvg8Wn2L7Q635dixFQQLRDe9zbSlPNm9uR2VnJLtRcEC2g2gHmrGEaASLMukckYdoFKRxY43cIICAAAAa1IAAAAEaAEHmQLv7uY74dasZ94tEMH1_ECJ-3SvjenWnlcr1S5iWBYKCCH-lNDNrLBpqy5gT4xxP8-eBLogOZf0Or7kUdyQn2B9Gxbj2AzSQQ2j_NRo88eIscQLmwhk3oTo6zDZEXCJIAgJwtFPwjFbK8fkdJnftNpCIRqIc0-HveiWCbYDVZgFzxIYVNxxPTo8T1H28-baQLaX-dMR6dlt_Q4VydfiULCAtuls4z6Wkf6WZYqgaVrQc_319PJlstmHmyxZyR2pkKNjHiftiJUtQOGW3MdqGHVA7QA9mu4WqqW5cRxECDXQvVCAmPgqf1eWzKFYFTq6PvQqhtEnnoh6krpCcuzlNAnkv78ADsujb7GEhbtxdKTN8jKPaBeeBvc_MTvuhBIw6i_veSoo0xY02Evf6Zezhw7J3tREOjru587Uyah80boL26XCnYZZlJiKlrSHLRnRXiXj_T2Bsqn-CUvdVvQ7vLVzb8YLF98rSKuT-vpxZRCkgYFkcwmggqAbOFSCWISkVVlRZcXEaO5j_V_lb5Af_bm6n-wWzaR-FlVRHiTTQeGWLhgT7GyPzWWPoLHxCkNIx6228kc5KcWCXJDwPn7X7GTJmaPtJA6-DitzZv111gV62y-nAXq81xSjaSKymTy8EYpYbptw92AKNLhfgWKtZBIK42kZj1TFsDUHL_Fhl8e7_3Bh7xh5J0M8nRxqjK2uZuKm-EeiHKqhJja5yTdFa68YCoACYqMisbz3ja_KCEmgqWZZrNLLQqGrQlu8eeV9WmCRc9GsfIOvRPOu2fLBN6KqjoTbCGsYUTHeF2DFd9xXaXE5LNS541zb9TduE2TiOucHRvB5sWTh3bYGhRk0HzozcsvYDfRsThkD6v659-VUlImBEqbj5ltqvbJ8iojyfMLasntluANDpbfbK5DkqAyvsnyUTxkKyvbfudoWHSF56sa2fkO_0ojtFPg9mQQcMglZrQTi-qo5m0zObPuaja-BtcOIoxwZ7XauFkKn2qKt0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E073 16 B
232 B 70ms
70ms Fetch
application/json 3.9.28.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.28.72 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-28-72.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Apr 2023 04:07:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 87ms
19ms Preflight 3.9.28.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.28.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-28-72.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 21 Apr 2023 04:07:38 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 15:33:22	Name: _GRECAPTCHA Value: 09ALnTWt7wIIEYGKo7hWiaQCd8fv3eyQvmU0Smm2iUvoRfi96zspVz1usaHEVjz7lWClO9qWu0_hNz-P3d7ZWS4j0
galinfo.com.ua/	1970-01-20 11:57:22	Name: visitor Value: 5a47be21d7fc317fce2ac9a69dcfbb36
galinfo.com.ua/	1969-12-31 23:59:59	Name: zM010bEEt1e Value: 82fb0f2352b6f3b01e2637de3d4019bb
galinfo.com.ua/	1970-01-20 11:57:22	Name: visitorID Value: hinv99ulHYWYyIIqeyxLVaDP46Zlbe0E
galinfo.com.ua/	1970-01-20 11:57:22	Name: visitorCSUM Value: 5b4d7492620043fabbdf9b40be9fa0bf
galinfo.com.ua/	1970-01-20 11:14:31	Name: lastnewsid Value: 1682009400
galinfo.com.ua/	1969-12-31 23:59:59	Name: b Value: b
galinfo.com.ua/	1970-01-20 20:44:24	Name: __atuvc Value: 1%7C16
galinfo.com.ua/	1970-01-20 11:14:11	Name: __atuvs Value: 64420c076fee3808000
.galinfo.com.ua/	1970-01-20 20:50:10	Name: _ga_07KYN930YR Value: GS1.1.1682050055.1.0.1682050055.0.0.0
.galinfo.com.ua/	1970-01-20 20:50:10	Name: _ga Value: GA1.1.2017061216.1682050056
.galinfo.com.ua/	1970-01-20 13:23:46	Name: _gcl_au Value: 1.1.1828768177.1682050056
.addthis.com/	1970-01-20 20:44:24	Name: uvc Value: 1%7C16
.galinfo.com.ua/	1970-01-20 20:50:10	Name: __utma Value: 103093142.2017061216.1682050056.1682050056.1682050056.1
.galinfo.com.ua/	1969-12-31 23:59:59	Name: __utmc Value: 103093142
.galinfo.com.ua/	1970-01-20 15:36:58	Name: __utmz Value: 103093142.1682050056.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.galinfo.com.ua/	1970-01-20 11:14:10	Name: __utmt Value: 1
.galinfo.com.ua/	1970-01-20 11:14:11	Name: __utmb Value: 103093142.1.10.1682050056
.galinfo.com.ua/	1970-01-20 20:35:46	Name: __gads Value: ID=101d50ff81bbb2c1-227562b1a3dd00bd:T=1682050055:RT=1682050055:S=ALNI_Ma79TWt4XZ5pXBymU7BqNLVbDIr_A
.galinfo.com.ua/	1970-01-20 20:35:46	Name: __gpi Value: UID=00000bedf1e3b96e:T=1682050055:RT=1682050055:S=ALNI_Ma9D3vo2AnIh3-IhqLNrjFXTvgoLg
.addthis.com/	1970-01-20 20:44:24	Name: loc Value: MDAwMDBFVURFTlcyMzIyMTg4ODAwMjAwMDBDSA==
.doubleclick.net/	1970-01-20 20:35:46	Name: IDE Value: AHWqTUkaWK_iAcA4y282yggldnSxSMJVHXJ21Z-jWF-OpQ2WgBnqlWWzhyXfR31VvdU
.simpli.fi/	1970-01-20 20:01:12	Name: suid Value: 7CAE017DD0E84686B4A2F601FFAE64A1
.turn.com/	1970-01-20 15:33:22	Name: uid Value: 8059365696197554618
.ctnsnet.com/	1970-01-20 19:59:46	Name: cid_2baddaa85d534fc6b9fd9f5bbfccdd02 Value: 1
.ctnsnet.com/	1970-01-20 19:59:46	Name: gid_CAESEMHkGBf5gjXCXcyenE__otc Value: 1
.de17a.com/	1970-01-20 19:52:34	Name: guid Value: 1.7003137159479470584
.awin1.com/	1970-01-20 11:17:02	Name: awpv20044 Value: 412871\|1682050057\|0d33ccb0-dffa-11ed-9d45-2261c3620022
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.o2online.de/	1970-01-20 11:24:14	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MjA1MDA1N3ZsZWExZGUyMDIzMDQyMTA2MDczNzg0MTMzNDQwMzczWDExMjc5M1YxMjI2MTMyNzAyTVN2aWV3b25laWRaMjhmd2ZCZjZ3UlVtSERIRHQzdEpKWkM2U1hUUVFlZlk1akJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTI3OTM
.o2online.de/	1970-01-20 11:24:14	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 11:24:14	Name: webShopPV Value: ?partnerId=O2_AFF_RTG_EXA_15018&mediacode=AFF_la_112793_-HTLP&utm_term=AFF_la_112793_-HTLP&utm_content=O2_AFF_RTG_EXA_15018&spid=2023042106073784133440373X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MjA1MDA1N3ZsZWExZGUyMDIzMDQyMTA2MDczNzg0MTMzNDQwMzczWDExMjc5M1YxMjI2MTMyNzAyT

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://galinfo.com.ua/(Line 9) Message: The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering	warning	URL: https://galinfo.com.ua/(Line 9) Message: The key "target-densitydpi" is not supported.
javascript	warning	URL: https://galinfo.com.ua/(Line 1360) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16827859&s16827292&t0&c1&n189159&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://galinfo.com.ua/(Line 1360) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16827859&s16827292&t0&c1&n189159&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1g5sahzpam8kg2nrr5re77dyj7gq5fmajmnb828arsa6mhm9akdd6w8r5t96af9xqwdrj8qgqgaepkbv08gpbzgxydntwzz0skzzwzkkcp1pm6y8pjyppd80vnkv5952qgmdgn7ym4fq2frcs3tjpmw1jhm2qqwcx65pvhmqa4nf1er4b2dmd13rxt8gpb7sby8t4vvj5rjdakfwn5d375385s27k5wmm41y4xq7fdregd4a8ac4yc32yaaa9xs5ff1zf8hvtn05jg8bd8c8vec3m4gy5y74nygzyyrw9pcgv60g1jah625vyybrarwrehzw8v5t33stphsp62qqkzexd05k9143d0ndbny84wazatmedbaygvevqexsd37aw8qmgwsqw7ytx4d1xvafse8bxenjzbwa020x3cqp6j7y6yxev28kkh7sayh01s5qgv3xdydhmm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%26client%3Dca-pub-2721832832858898%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=0cc7db7da01483285b43c6314d47c4de%2F759893595838997216&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682050057223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz8ddjpa64dpkaxy9504h4khhmvkd48acbep7e28b7rq24seas30m57na8axg03htv65jsseqbjvs136zwzpwj08z02hegtjgvjgdwzhvxz0agp6q9cc4yraqd236svfa5pwg39ptn0t48j0wvc546yh38vj56f7nt5dt2002xt8ar3s2sx0rqsxxjrwjhzq7dexzrdyrfh9jwzmmkhz1ea3apd54rqa7gx9hyn5qkg25qjndxxqvwpmwc3tppxrxhyb2anf0vkq5ft3e6wyxvr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7uYCAxCZIHxCtDC6wT8hp6YA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTI3MjE4MzI4MzI4NTg4OTjIAQmpAh76_QS4Z7I-qAMBqgTqAU_QXexNIVyRv7zGqBaizDEq7amz2Ra3oJxmCY8YG_LR471ZnNROV0XBKV7KETIBraIajy05CY6fvnbTEvsow1oYt9N3UATeVncvGoIInlQl1DG9w2eT1YTy52q607AV32QvXqVOEtjFu0PP5Kd6PkWVMQYU5wcbhdW0woRUQakxOJ3RnAiklRCLEIgSy29hKmIvx8Txcsd01OcbrLYcu0Srt4NFfFqYF_IVIa6F7I9KIdRFTqlaCJGvoy05QY6dxxhEoerWlpuC3CDOGh_AGZWtUZ5ip2eB72EKa6WT_UJJVvi5jDCjuGMWEYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3TyeaZYeqdCIuSqCE0_fWE3Lq6-Q%2526client%253Dca-pub-2721832832858898%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
apis.google.com
as.ad4m.at
assets.ad4m.at
c.bigmir.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
galinfo.com.ua
gcm.ctnsnet.com
googleads.g.doubleclick.net
i.bigmir.net
informers.sinoptik.ua
m.addthis.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
s7.addthis.com
securepubads.g.doubleclick.net
sinoptik.ua
sinst.fwdcdn.com
ssl.google-analytics.com
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
v1.addthisedge.com
www.awin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
z.moatads.com
s7.addthis.com
104.102.45.165
138.201.125.15
142.250.185.162
142.250.185.66
142.250.186.70
167.233.13.224
18.66.147.41
193.239.68.97
193.239.71.100
2.19.229.113
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
212.42.76.150
213.155.156.166
23.206.208.114
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.9.28.72
34.160.236.64
34.91.62.186
35.179.69.18
35.186.193.173
51.75.86.98
52.223.40.198
84.200.5.215
99.86.4.94
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
04ce93c2cc89c1e2d1f78d9e7abd07e03a7b0f6b5ec241290220fb2115afd6fe
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb
08ba62ef99cebeb9e44d9728f955fed5d93704f3daad7f294cb469878e68c175
091064819fc260af943f346cf599ef052e649765a9f9eea3352b09fcbf080127
09c57b6c2fb92ee67b08c883b8b599b277816d901aa6537726e62c4526434156
0a625e89cd5cd35618e605f94ea2b2f65333c335e4308b88dff281fe5225fc02
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f659b24ca65fb62e4fc9b302500f83f95f3dfe99dfc589a6b5f5be2d6628fe3
1192a80209183516607fa318434604108d40fb30bdf242db8fcaf5414d76d1cc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
181e4894e26bd71431f20f7a4eb0215b072ce3c8da377f355428589673b70a41
18ee53cf70cc80aa877d2b9bed5889e49a4fa4f0e59f14d30920d4e8842f74c8
192cb196d350e464d433b2ca270a58659a172e4d61bbfc0ef74171cf05ac2a19
19df3d72d2ceaa912addb2803a221f8717cd18995c07474152b690c366c6898e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f31df3545a3dbd5c6f919c99ecb73f9e1837f1d987917093a68a84f2ac3107a
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
2285c072150f39ada8bc23c1c5023265f4ad02f7062d99d05ce4f107ebeb3802
23909d14e55fe82963b2caf9c9204b97f055a7eb029c86004961a873135f0640
24c5591378ea163ff8b126dd7500ce7de5fd04e0140dccf731598652ce8a4258
2bcb4e6e1274679f3e29e0b92e34bfa6f50a1973fbcc9ca05455bb03b3725b71
2c6f749f792db41673f9efc88f088bcd80d312bc233365476d8c3f8ca0d72fa2
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2d7a7274848a8f7514b1d9a2ce36a33c82d296f466837d3bb2e5af097c8b67f7
2db1c78c2ba9cae8c7bcf4638668730d7b329a29df1bb8e1946f73166851da00
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f12e88ee7536d5644c0edf1b80706fdb05f13d0dd8e0092cb2c233c5a2646ae
30c61e1c112a66dbc5162fcc2b1850d56f5bd0a4ad07b1d8ed6b7d788aaaa254
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a09f8f2cc1011c236ff26f936e2d59e45c41e08bd602a9d8dd5e87aea407a2
399f8348cc63a4853d4ff0536a5e7ec0f3c1e7fb6ab5d837db6ea4858b872f4a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
43b73c0455ab2b75521ba67ce2055c90111cc26f5b0f9fa5061ffd3cffcd2740
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4633d917fd1beb56893962d13ed824c32365486ae2a41aa1d9c9aae88edbda50
47a111c4469c22e9b07892210402b1f88e0ec62bf65ede8285e9e93ae30dc14f
485d73d69a0a7931904a67793c47a11db41b0f5f9f200a6f74a2a8cf02550ad8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b58fd6ab31791b1bfbf0bb0e783a1175caa8b3529dc26cc43da444c006dfed2
4cd9862876053c81b2183719e6b45e434376d6bad235c35a33991d59854d3a3e
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb
4e69c68f5c5b6c87b4b0437ddce158f64c43653e489a7f0731492243ea115ad7
5005553c47615ebfb9acabfcb1f29cf1891373d69894b9774276505248a3b3ea
50842b2cee64eacc7c1c1f39e9cceba7a207b1559bdd0d379f18867155308bd6
5372c8109f3e19c2197be9824a54c44d7a2543cf160f0f87a57dc04cb277c5be
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552772c6867793d25f1dc4b644dd3fe6c9e1a9f94a891b082c598b4891e1bf4d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
57badddb1aa6243e04d381f00b533808771a7329a861c700dd26d4fa8c972599
59b67f32beb257aa6a669be4479eea202b4fd821aadebc7d95c09e9c8cf5c6a4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b435d51cf7cbb71df2237bb875d3beac018790d4866fbd2d994ff440344d206
5b8f6bf68235730f2fef98db84d55f8ae4e0f265b96c5913849c67cf8030fc9c
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e473412aeb8db27bd674698709f6a0c03f469c76bdcc1d468c67db175754105
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a0c65a5a1136016574709e8be949cade2cee78fb2bbea201636577304ebef6
667f33a9c968987f2caa7e9720b9a5dfc8fc68e090ef8eb63f980e02432d34bc
669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab
66ef3c083dd38d0796de7bf4077f78792c6dc09425fcfbe44c1068826021ef70
6757eb05baeacae26320f55183f3bf0cbb184a9961e163fd9f852b4f1fdf3754
6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e
6d1559e50a2655d198363e37b18f77316f9db1c4c9ffbf119dac04fda90a1b77
7353f82b448b4124e5b0868300f86fb4d9f005c667f6b1164e35e12a9618e6d8
79662221b76c3238419b19c709338caa0c7090b8fb3a8bc13b74afce0850304c
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c9857f81cf6fa560e1f0226f081d038cc71f3aafa1d73e4ed77299dd884ad14
823595197771acc605f0130d6323ee11af2f4c612df5edf86c611769c16d87ce
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
93df7036a797945783d64cc7cc90a3431ea14ad9e1886349addc7fb9d46296a2
94cc8a4c21b9d2681c9e162830b76e7595cd6800a99a1d2930b196c8df088820
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95e831a915cd149199d79ee8b74e3448c48714ba874a0c024f932e8f637f1a01
970243761c8175501674d123e18f02c7b02f3944fbbd4d66b8fba3ba57c2eec2
9881de7c32ec1c9a2ca4ba3abffe66d6c0d976d25c922a81281d455843aff359
98e169b80866fc1e28ddf5bf197e5267bb981a26e1078cbe7b7bb3515c9e4757
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
a176b9693ed364e2e9409e9a4d6005ed1dab13cd5f2ef4b53e3a23a8e4be8677
a2197d6634916d6997631249969512472939aa343382e8e026dc625a7b0d53c8
a36c6b3e75fd873d67fa8f7873fe80ab841e7765c6c7989c647d1618f5222749
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4deec9c99e55fd0bea6b8eea60101b4eac3aa6a49e1236cbcf2ed6eb906c266
a4eeceb1cad989384aa57db979c576a4ca4c723d5de8adecb7e70709efce49ca
a94baa9da800a1aaa7109482e03f3f68ae03a21007304a0409a368431b24ba72
a98b7ed1f0c6bafc8e14f30e9f47863517d9eb803057bad215dab594ef125539
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad0ea37e00dbfbe03fead5210bbee07e6eac33773becf97cdb01d462bd37ed8b
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afec1e8e932572d506f285b88455cb2a54c636001ba28fcb61da3ef9fd0725bd
b10ac00314a032c8fa8f463a2c428669852d58bba2360f1192e4b0fd669b2173
b1793edea2c5e9f935b11981c437c4a9ac736fd9d71e9d7fa3ca8e49080581ad
b5849bd640c666203d56692e7ba55aeac1f766d7ed0ad567b55a6f78f72be5d8
b5997bb20f40f5263a30e40e6092953f7bf72e4fbae6860516912ebcbbb243ed
b620a213e0f3212c09360f04ddc07c9de89ef78cf99702de736f16c454e52ee8
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
baf8cf626dbdc13f50c35d6be959d9d0f00531fe1edb53e93208466c7b7852e9
bbf2a527971cec70abee81dc6c0aefb363a93bce31b5237b13f389fcd489dd82
bde11448fda10454c3ce24492004734c79b4a56bb2bb4e47be4d74a0d384de3a
c0d13bd9ec7cadcea83308bb373991989d2e8650563959a49137d684e910fc1e
c4613213283a0b3259aad767ce8b234d11183b5a3f4d28c9d67c03bea8e2faed
c741d8a238ffc69896f04bfdac5be85e1ebeb4c590f5a363028f12e445435176
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c93f84b5c6bee84c1582cfa89c8e7cc815fc2981d6866c1516cd00faf5661156
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
ce104d70de62e251914ee15a4eea5dd0dd01f98694b59764b0afaf4d92195cf7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d67e846c97a3050147a08dd5ac39f4c02688c756ed6f059285b1521ce9eed82b
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
daf9612e7ec9ccb5c078c5417f1fa1abaf36d4a1630037bb8c39374c31b8bb48
dbece5ec533961d9df2cb367c08a9b984a99ed00ee57061a868c6ab28d906ff5
dc7d6819491e1b591f223e4355750fc4e6109c410d37329b3435a0344f07293e
de323302440b7a729283be97e9d83aac3f64c5943f8eb6dc7073f745a062abdc
e0212f066fbe52183e2858ee7cea4d524e7b08ac9421256b6d4c1f4351914175
e2796cd37beedd8a0a5d2234ba5aa8ee7b9d3ee3422d76312d83909752dc0cc3
e379fe08a9d021535d9a2b83d58906760f0dbed37f4ae3d76c1b19fea9038bc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6892a98bf105ab73584365a01c2c72b8e5096e6787cab485850f45946b06c7b
e6d2d5d23a3511289a0c0830c7080ff8c106b1c7b83cd32000811b73bf98dd41
e810269a60e69b6a53469406c18213a192a02bee2149bc8d225208f8d844a395
e8b1dbd650e1f6ffe7c3eb10ceac2e8c4cefa5ba22923030a41b41ddb3af40e6
e98169309efdf557b169d220d58f7de061142a51c52948751d78e05ccb633f20
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58
ec1207ba5b2d4677d1061b43e850a59133214d3abfb3de76def67869bf234f64
edf0824fc48c27620b71bb7a646704d10391b3293912663f38817ad9f5462703
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa2ec1d872cdd22f2ca6aedea7b686c7eda3867f5d28c1321891a775edb7ad8
f03795ffd1d938c99f24409e1661849aebe9de9f268460d081b4d37441613094
f18c863ebe8dbe06f1094fb9614975fa14531b04abfa8768986038ca1884a5e9
f24c7c546d6e67f734f490da2a185969cfb9cb1bd3dd1523172494858b8a2840
f42b52b02e9062e590cc0e67628cef282c7a13cf123a7cc1069480a57fe61fb7
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f528486c73ee1a34efc9dd4c1dbc46f7c42e6989d8d42fb4450aa425248dc367
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8634eb3e45bcbee28dd23d4ab307936f0c9b8f34461c4ee6b5d6a8628ed02b7
f8ea3cf04530b5353ee4a105998375034a8870b461ed5254ef00205e0baf4783

galinfo.com.ua Open in urlscan Pro 138.201.125.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

183 Requests

95 %HTTPS

53 %IPv6

35 Domains

55 Subdomains

41 IPs

8 Countries

11593 kBTransfer

14935 kBSize

32 Cookies

11 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

galinfo.com.ua Open in urlscan Pro
138.201.125.15 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

95 %
HTTPS

53 %
IPv6

35
Domains

55
Subdomains

41
IPs

8
Countries

11593 kB
Transfer

14935 kB
Size

32
Cookies

183 HTTP transactions
6 data transactions