www.gismeteo.ua Open in urlscan Pro
193.16.47.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gismeteo.ua/
Effective URL:
https://www.gismeteo.ua/ua/
Submission: On August 28 via api (August 28th 2022, 2:01:32 am UTC) from GB — Scanned from GB

Summary HTTP 181 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 70 IPs in 16 countries across 52 domains to perform 181 HTTP transactions. The main IP is 193.16.47.244, located in Krakow, Poland and belongs to WNET, US. The main domain is www.gismeteo.ua. The Cisco Umbrella rank of the primary domain is 295471.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 4th 2022. Valid for: a year.

This is the only time www.gismeteo.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	193.16.47.244 193.16.47.244	1820 (WNET) (WNET)
8	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 6	79.137.68.72 79.137.68.72	16276 (OVH) (OVH)
3	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
11	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
1	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	18.66.108.49 18.66.108.49	16509 (AMAZON-02) (AMAZON-02)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::ac43:44a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
4	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
3	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4 8	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	52.48.242.118 52.48.242.118	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:1c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f13:800... 2600:1f13:800:7781:b014:6cd:344c:1dbf	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2.18.168.202 2.18.168.202	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.168.244 2.18.168.244	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1 1	2606:4700::68... 2606:4700::6813:ad6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
4	92.123.9.160 92.123.9.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 4	52.58.8.248 52.58.8.248	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	193.232.148.141 193.232.148.141	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	195.201.152.105 195.201.152.105	24940 (HETZNER-AS) (HETZNER-AS)
4 4	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	151.236.118.210 151.236.118.210	204720 (CDNETWORKS) (CDNETWORKS)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 2	2a02:6b8::90 2a02:6b8::90	() ()
2 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 5	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	52.94.220.185 52.94.220.185	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3601:de76:c213:1adf:fff5	16509 (AMAZON-02) (AMAZON-02)
1	52.201.183.195 52.201.183.195	14618 (AMAZON-AES) (AMAZON-AES)
1	72.251.241.206 72.251.241.206	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	2606:4700::68... 2606:4700::6812:d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.96.145.246 104.96.145.246	() ()
181	70

12 193.16.47.244 (Krakow, Poland) 2 redirects

ASN1820 (WNET, US)

gismeteo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gismeteo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

static.gismeteo.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 79.137.68.72 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ltx1.host.hit.gemius.pl

galt.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rss-images.gismeteo.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.108.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-108-49.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44a2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.242.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-242-118.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:1c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7781:b014:6cd:344c:1dbf (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.168.202 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-202.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.168.244 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-244.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ad6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.8.248 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-8-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.141 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.105 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.152.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.160 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (None, ) 1 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.143.56 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.220.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:de76:c213:1adf:fff5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.183.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-183-195.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.145.246 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	160 KB
19	gismeteo.st static.gismeteo.st — Cisco Umbrella Rank: 147243 rss-images.gismeteo.st — Cisco Umbrella Rank: 155907	87 KB
16	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303	183 KB
15	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 519 eus.rubiconproject.com — Cisco Umbrella Rank: 582 pixel.rubiconproject.com — Cisco Umbrella Rank: 327 token.rubiconproject.com — Cisco Umbrella Rank: 711 secure-assets.rubiconproject.com pixel-eu.rubiconproject.com	26 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 763 static.adsafeprotected.com — Cisco Umbrella Rank: 589 dt.adsafeprotected.com — Cisco Umbrella Rank: 526	94 KB
12	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 304 s.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260	51 KB
12	gismeteo.ua 2 redirects gismeteo.ua — Cisco Umbrella Rank: 284136 www.gismeteo.ua — Cisco Umbrella Rank: 295471	119 KB
9	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 51836 inv-nets.admixer.net — Cisco Umbrella Rank: 2604	141 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790 bidder.criteo.com — Cisco Umbrella Rank: 759	9 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 604	33 KB
7	gemius.pl 1 redirects galt.hit.gemius.pl — Cisco Umbrella Rank: 125492 ls.hit.gemius.pl — Cisco Umbrella Rank: 14568	35 KB
6	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2016 cache.betweendigital.com — Cisco Umbrella Rank: 19427	5 KB
6	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 539 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	6 KB
4	bumlam.com 4 redirects sync.bumlam.com — Cisco Umbrella Rank: 3059	3 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	164 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493 ads.pubmatic.com — Cisco Umbrella Rank: 492 image6.pubmatic.com — Cisco Umbrella Rank: 634	20 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
3	openx.net setupad-d.openx.net — Cisco Umbrella Rank: 46508 u.openx.net — Cisco Umbrella Rank: 705 rtb.openx.net — Cisco Umbrella Rank: 1517	819 B
3	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5357 sync.adtelligent.com — Cisco Umbrella Rank: 4279	2 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1497	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	529 B
2	yandex.ru 1 redirects an.yandex.ru	668 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 14347	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 13301	820 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 594 cdn.indexww.com — Cisco Umbrella Rank: 1405	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	57 KB
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 39439	8 KB
2	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 150406	24 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	72 KB
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 745	263 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 2302
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1500	408 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1195	35 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488	988 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 592
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 370	703 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15137	69 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 476	732 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 654	277 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 942	394 B
1	setupad.com node.setupad.com — Cisco Umbrella Rank: 40638	209 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1419	63 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8811	792 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3944	488 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6497	177 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 508	625 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 420484	169 B
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 42970	116 KB
0	tns-counter.ru Failed www.tns-counter.ru Failed
0	adxpremium.services Failed rtb.adxpremium.services Failed
181	52

	Domain	Requested by
11	rss-images.gismeteo.st	www.gismeteo.ua
11	pagead2.googlesyndication.com	www.gismeteo.ua securepubads.g.doubleclick.net tpc.googlesyndication.com 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	www.gismeteo.ua	1 redirects www.gismeteo.ua
8	dt.adsafeprotected.com	8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
8	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
8	static.gismeteo.st	www.gismeteo.ua
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
6	ib.adnxs.com	2 redirects stpd.cloud googleads.g.doubleclick.net acdn.adnxs.com
6	galt.hit.gemius.pl	1 redirects www.gismeteo.ua galt.hit.gemius.pl
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	ads.betweendigital.com	stpd.cloud ads.betweendigital.com
5	cdn.admixer.net	www.gismeteo.ua cdn.admixer.net
4	sync.bumlam.com	4 redirects
4	x.bidswitch.net	3 redirects cache.betweendigital.com
4	eus.rubiconproject.com	stpd.cloud eus.rubiconproject.com cache.betweendigital.com
4	s0.2mdn.net	www.gismeteo.ua s0.2mdn.net 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	inv-nets.admixer.net	stpd.cloud
4	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
4	gum.criteo.com	2 redirects static.criteo.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	token.rubiconproject.com	3 redirects
3	pixel.rubiconproject.com	2 redirects
3	fastlane.rubiconproject.com	stpd.cloud
3	prg.smartadserver.com	stpd.cloud
3	mug.criteo.com	www.gismeteo.ua
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.gismeteo.ua www.google-analytics.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	an.yandex.ru	1 redirects
2	x01.aidata.io	2 redirects
2	px.adhigh.net	2 redirects
2	sync.adtelligent.com	stpd.cloud
2	ads.pubmatic.com	stpd.cloud
2	googleads4.g.doubleclick.net	www.gismeteo.ua
2	static.adsafeprotected.com	8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects www.gismeteo.ua
2	googleads.g.doubleclick.net	8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com www.gismeteo.ua
2	www.google.com	tpc.googlesyndication.com 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
2	static.criteo.net	stpd.cloud static.criteo.net
2	8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prebid-stag.setupad.net	stpd.cloud
2	s.znctrack.net	www.gismeteo.ua
2	www.googletagservices.com	www.gismeteo.ua 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	bttrack.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	id.rlcdn.com
1	px.ads.linkedin.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	cache.betweendigital.com	ads.betweendigital.com
1	sync.dmp.otm-r.com	ads.betweendigital.com
1	sync.mathtag.com	1 redirects
1	rtb.openx.net
1	ap.lijit.com
1	csync.loopme.me	1 redirects
1	u.openx.net	stpd.cloud
1	acdn.adnxs.com	stpd.cloud
1	js-sec.indexww.com	stpd.cloud
1	node.setupad.com	stpd.cloud
1	code.createjs.com	s0.2mdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	setupad-d.openx.net	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	ghb.adtelligent.com	stpd.cloud
1	adx.adform.net	stpd.cloud
1	htlb.casalemedia.com	stpd.cloud
1	hbopenbid.pubmatic.com	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	id5-sync.com	stpd.cloud
1	loadercdn.net	www.gismeteo.ua
1	ls.hit.gemius.pl	galt.hit.gemius.pl
1	stats.g.doubleclick.net	www.google-analytics.com
1	stpd.cloud	www.gismeteo.ua
1	gismeteo.ua	1 redirects
0	www.tns-counter.ru Failed
0	rtb.adxpremium.services Failed	stpd.cloud
181	84

This site contains links to these domains. Also see Links.

Domain
news-ua.commerce.ua

Subject Issuer	Validity	Valid
*.gismeteo.ua AlphaSSL CA - SHA256 - G2	`2022-02-04` - `2023-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-16` - `2023-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.stpd.cloud E1	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-09-05`	a year	crt.sh
loadercdn.net R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
node.setupad.com R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.gismeteo.ua/ua/
Frame ID: 5B080379235416D41801887DEB8B9B45
Requests: 89 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 42CE0F5D62207FCBDFDE92F2D0E9B101
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 4D6E7DBB5529481B1573430140F34A6F
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: A940340EDCFB5185F654DA6F4591336E
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: F47092BEF2C17A8168EA5CCA9D72D809
Requests: 4 HTTP requests in this frame

Frame: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3ACC3D3DD2B50C2C90903D2F7C97FCA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gismeteo.ua
Frame ID: DAC6F7D3B943A4217328698D7EEC5B45
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AE7A546A921F5034FC5FE73B75BD347
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B632C9F7DEF1F34C1471AA51F9B42700
Requests: 2 HTTP requests in this frame

Frame: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D475293A8305D7EE17E4EB645C192C5
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJG9580BMAE&v=APEucNVr32NKoAxgx8MjCR4ekzJ1ifXSEkSnpEXuf7zcR8pMuiz6dnb4XAn1L8XDr6WSaYxuDMrWhTXjhbyBXaenhXIC4NEbrnHwKVfxjLSCKGSVAhg72G-4HfYjLyOHgJxdPr5YXvuq_NvNvoqOP7Ql__OZE8gdFsyABykexXf7_LP-T_pUOE0
Frame ID: B76ED557236C58D60EE697A3ADB65E72
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2613DD09649992F561D46A3DF1D59AE8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 26946671518FC0681C2E23E3CF711192
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17252712401982728039/index.html
Frame ID: 6BFE0BCCE7637320C43DF06FFED9573F
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 510B678F619023D7E7FCA4D8A6120448
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B0837BF958E0AEA7AB0F247AC930D03C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 431FF5DCDD226BD297556B0345929926
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C4520C670A1440E4877EB011A026C5D7
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 007CBAF6AC45261383434C83E3ED2FA4
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 2E5B81163D5C934A5BB8558B7D9FA056
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=31fd8227-9c33-46d0-b8f7-190646a36ab2
Frame ID: CF671F1163EA2DA53826C32E7C8536E9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CF8C458E6054991AD55EE34D084C4ECB
Requests: 10 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8&CACHEBUSTER=147022
Frame ID: 9AF6BADA3068A39EE391A7D23A870A90
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6345C9BFE21ECD9873EE6547A4D10DE5
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 0D5D3523640648AA51631187F1FB92EA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GISMETEO: Погода в Україні, прогноз погоди на сьогодні, завтра, 3 дні, вихідні, тиждень, 10 днів, місяць.

Page URL History Show full URLs

http://gismeteo.ua/ HTTP 301
https://www.gismeteo.ua/ HTTP 302
https://www.gismeteo.ua/ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

181
Requests

87 %
HTTPS

38 %
IPv6

52
Domains

84
Subdomains

70
IPs

16
Countries

1493 kB
Transfer

4626 kB
Size

59
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://news-ua.commerce.ua/feed/?click=MjA3NjM2fDUzOWJjZjkxY2YxNTdiMWM4ZDMzOWQwZWNjNjc2MTk1
Title: Успіння Пресвятої Богородиці: що не можна робити у цей день, прикмети

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3MzMzfDdjOTM3M2RlZTZkYTEyZmJkYmFlZTRhNTkwYmUyYjA5
Title: Біженцям з України у Польщі видадуть квартири: які умови

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3MTE3fDU1ZTJhYzBkODE3NTg4YTgyYTJjOTEzYzQ2NjM4NTg0
Title: На власників дизельних машин чекають проблеми

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA1OTI0fDUxMGZiZDc4NDEzZGM1MTU2YzhiNmFmYWNkODYzNzY2
Title: Україна може залишитися без світла та тепла - пpогноз

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3MzYzfDc2MDQ0OTFmMjVlYzYyNDI5OTM2ZWE1Mzk0NTlkMWRh
Title: Пенсії в Україні можуть урізати: за що та кому

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3OTExfGYzZWQ3YjllMWMwMzI4ZDk5MjI4NjFkMTc2MTk0ZWY5
Title: За двох умов. Осіб з інвалідністю можуть мобілізувати

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3NTkwfGM5MWE5YTdlMTQzMmIyNDYzZTQ5NzUyMDE5ZTdmMTNj
Title: Ціни на пальне восени знову здивують: з'явився пpогноз

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3OTI3fDBiYTkxNWY2NjdmNGExMTE5YjNkZDcwMDk1OTg5Yjdk
Title: Валюта в обмінниках може подорожчати: прогноз курсу долара

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3NTMxfDYyYjdhNzlmNWU1ZTBmYWQ5N2ZmMDUzYjFkMTdjZGJj
Title: 15 000 євро за переїзд на острів: хто може переселитися на Сардинію

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3NDM0fGJhY2QyYzZlMGM4ZjA3MzkyNzM3ODI3NWQ0MjE3MjZl
Title: Порядок призначення та виплат пенсій в Україні: що треба знати

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MjA3ODUwfDEyODU4OTEyNTMyMzI3MGNjYjYwNTYyODg4YjNhNWY0
Title: З листопада психотропи можна буде купити лише за електронним рецептом

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gismeteo.ua/ HTTP 301
https://www.gismeteo.ua/ HTTP 302
https://www.gismeteo.ua/ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sIdFIXxtcXc4RUVuUkw3OVBSa1Q3QnVReWllVFB4TG5iM2RUQ3ZHd2NxeTJKV0ZaRC9naWRsR3cvS0ZqYy9uNE1RWjZpd0RVZ1BRcUVDbTl6OFAxTWNOcjg5UmdjclkwRVQ5eG1kOW1vajBkeVh1cGUrR2d5dzAxYnUxSjlDcjVGRlI2NFJ5M1U1dVNaQzRzWW1Ld3lnTnNMajRXdi9NTTdyaDA3cHlIMmFoNndkUzFCdnpTeXQwSEorSlE3czhnVjRjWXNDSjJaN3pEV1d6NlJETERwZWVYRmRLbFJFWE5IRzNjbHU3czRvNWFJbHZNPXw&cppv=2

Request Chain 49

https://galt.hit.gemius.pl/_1661652085933/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Gs2wI_6JwX2MVY4kTE5Jz5LSvqKWHJsYuwsojRT03Ef.57ch4vGZw5rXZjnbPkXCgfWYEmeFjQsM4RDQZdO0XnMkATuY/PC7M0cEI.cLlj/&ltime=279&fpdata=-TURNEDOFF HTTP 301
https://galt.hit.gemius.pl/__/_1661652085933/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Gs2wI_6JwX2MVY4kTE5Jz5LSvqKWHJsYuwsojRT03Ef.57ch4vGZw5rXZjnbPkXCgfWYEmeFjQsM4RDQZdO0XnMkATuY/PC7M0cEI.cLlj/&ltime=279&fpdata=-TURNEDOFF

Request Chain 94

https://gum.criteo.com/sid/json?origin=publishertag&domain=gismeteo.ua&sn=ChromeSyncframe&so=3&topUrl=www.gismeteo.ua&bundle=O5xk919CJTJCNlR0dE5KQmxnWlQybFRUZ2tYbFd3V20lMkZmNSUyRjIwJTJGNnZ4MENtNGtXNUJ0NjRuTnB1cVpCUnhvbmVmJTJCck5FbGphMUtjYVpNTE56U1ROeiUyQmdiNnpiTnhha1Jqb3MlMkZwZ3dzZlU0V21xWThTVEJIR2dPSG1pV01KbVJ5bmxyYnB0&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=MXPWNHwraElESlE3dklLWGtncmZvYnRHb2VST1cxS2ZCOGhsdVgxSmlwZm9IWmRkZEZHeVlOeWp1Zko3UmxyVEo5SXlhU2xvYXUyTndiRllJb2hVTmpHTC8rMGM5VHBNZkpVRlpGQVY2Wit5aEN6RStLbElqeXlTMXViZmp1RnB1L245dVJQWkNlUnFLSDQ3anNNUCswU1oweElqT1pFM3ArZ2xEUjNEWXhVME1FOC80cnl3bkw4UEUwMmM3cWhIVUxCYno0V0lUbGVJQU9nK1JvKytPYkh0c2I0Z0hRU0xIdExhdTRETDdSNGRETHdaYVhTdjBuUmR1UGFJSkkzdXo3N3VrcGVWVStqY2s1NWVTdndhdVhHYXFpUT09fA&cppv=2

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFsftogDXsfuc3bFQAfXHbo&google_cver=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwrMeAWR14fcP5bQa8f0.AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpCq3wuFSceutzHiaY9vNc&google_cver=1&google_hm=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIJtXWEP4vnEHNDEfIV90H0&google_cver=1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MDgxMTczNjU2Mzk0NjEyMA%3D%3D

Request Chain 120

https://fw.adsafeprotected.com/rfw/st/1081067/64110966/4.js?adContainerId=brand_safety_eMwKY42dG-eO9u8PhtergAg&cbFunctionName=goog_wrapCb_eMwKY42dG-eO9u8PhtergAg&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.gismeteo.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e066ddd1-5c0e-07b6-6b15-01582fe08bb4,c:mxYcr6,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-5c44c554b-lgbrk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:16,oid:5463f769-2675-11ed-b07e-da2a8bc3b8b9,v:19.8.346,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_eMwKY42dG-eO9u8PhtergAg&cbFunctionName=goog_wrapCb_eMwKY42dG-eO9u8PhtergAg&true_pb=

Request Chain 143

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=31fd8227-9c33-46d0-b8f7-190646a36ab2

Request Chain 147

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7750811736563946120

Request Chain 148

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=246f630a-cc7a-4c00-a26d-646b39831cef&expires=30&ssp=between&bsw_param=8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6

Request Chain 149

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LrQlbZfegoL.AikABlGC4i69Zw

Request Chain 151

https://sync.bumlam.com/?src=bw1&uid=a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8 HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARj6mKuYBmIkYTQzNWE2ZTUtN2U2MC01MmYwLWI4ZWItYTNiZWRiZTE2ZmM4ogEQVUJUXCZ1Ee2gRAAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=5542545c-2675-11ed-a044-002590c82437

Request Chain 158

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5542545c-2675-11ed-a044-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5542545c-2675-11ed-a044-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=QSYZXzRNkduwYai0y%2Fv6ww& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/5542545c-2675-11ed-a044-002590c82437 HTTP 302
https://an.yandex.ru/mapuid/adsniperis/5542545c-2675-11ed-a044-002590c82437?redir-setuniq=1

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENJ1vK6a4GeQcwGjNgBRCJE&google_cver=1

Request Chain 160

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdDT1FaUEEtMjYtNFI0OQ==

Request Chain 161

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7COQZPA-26-4R49

Request Chain 163

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI2YmQ3YjgzNGNhYjczNDM5NjFlYjY5ZmM4ZTljOGRlODRkZTM2NA

Request Chain 164

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eFCwU640QdWOv-SKd9c9dg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eFCwU640QdWOv-SKd9c9dg

Request Chain 166

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ryAOoc48RXuPa4Tk3-HB2w&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ryAOoc48RXuPa4Tk3-HB2w

Request Chain 168

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB&dcc=t

Request Chain 180

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 183

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/147022 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/147022

181 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gismeteo.ua/ua/
Redirect Chain

http://gismeteo.ua/
https://www.gismeteo.ua/
https://www.gismeteo.ua/ua/

89 KB
24 KB

1135ms
1135ms

Document
text/html

193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

c2325cc3abd323bc27f327fe7d70ea4b15ff04551216270abc07e94de73141cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache no-store must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 28 Aug 2022 02:01:25 GMT
server: gis
server-timing: type;desc='backend'
strict-transport-security: max-age=604800
vary: Accept-Encoding Accept-Encoding User-Agent
x-content-type-options: nosniff
x-dc: ua.router-cdn-pl02
x-decepticon: 0
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache no-store must-revalidate
content-type: text/html
date: Sun, 28 Aug 2022 02:01:24 GMT
location: https://www.gismeteo.ua/ua/
server: gis
server-timing: type;desc='cache'
strict-transport-security: max-age=604800
vary: User-Agent
x-content-type-options: nosniff
x-dc: ua.router-cdn-pl02
x-decepticon: 0
x-xss-protection: 1; mode=block

GET
H2 200 n_c0.jpg
static.gismeteo.st/assets/bg-header/ 2 KB
3 KB 156ms
49ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/bg-header/n_c0.jpg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ef9e4a353c5adea27356c57a75527bd31dfaddb0cdaa334dd546f8bacac7fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 87c077e3-d501-408c-899b-70c4f6b431b7
age: 5760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1999
last-modified: Wed, 29 Jun 2022 12:57:19 GMT
server: cloudflare
etag: "9e30c27240fbd20ba7719cb8a3f17a31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnJ4V36XJuqQ7aB3xEDkB0qRQy%2FxKbTSuMcyE20yxOuKZv9mLexRYPcKuTtFU5ayG4MBO7ttj7e8SEc2fePIKTG0%2F2qzQ9frdGrQcnoNLFwe3dPVdOGyE5aWBOS4XN2K8mpa8HVEl4zanaFIdYVJfNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1656507438.65894
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757dde73752d-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 197ms
80ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f60bc0d75fe77efbc7f4281e2020d436d61b19960a01eb9b818067896e3d38a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57525
x-xss-protection: 0
server: cafe
etag: 13698527953768617702
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 02:01:25 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 257ms
67ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-08-28T02:00:19+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:45:59 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 180ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24287f9d20dcf167577e48a9a65d297ee75926f2c140696b922996e27a303f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28570
x-xss-protection: 0
server: sffe
etag: "1316 / 766 of 1000 / last-modified: 1661552013"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Aug 2022 02:01:25 GMT

GET
H2 200 gismeteoua.js Show response
stpd.cloud/assets/hb/ 423 KB
116 KB 178ms
70ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/hb/gismeteoua.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c08c7d75ed50f7ead3d65bf0488ba70557b8cfb584bd2b31914513d5ca5f7c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: sRKG9wBq/PwBnSYgDO5BnA==
age: 3559
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 11:58:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e542ee18-101e-002f-5943-b9f25c000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7419757dfadc72ba-LHR
expires: Sun, 28 Aug 2022 06:01:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3565
date: Sun, 28 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 28 Aug 2022 03:02:00 GMT

GET
H2 200 xgemius.js Show response
galt.hit.gemius.pl/ 57 KB
15 KB 269ms
78ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/xgemius.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 9709536c63c0fe7d46b59bcbdbd32a33e8201d32316674a742d003c767b2e2b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 10:49:02 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Sun, 28 Aug 2022 14:01:25 GMT

GET
H2 200 desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
www.gismeteo.ua/ngamg/assets/bundles/ 214 KB
34 KB 86ms
86ms Stylesheet
text/css 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

4fb127faab61d35a30e2941868508a1d37b60658f3310af0c702b19e2538bed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"6306003b-356ec"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 desktop-weather-ee8b471b0df46f744006.js Show response
www.gismeteo.ua/ngamg/assets/ 138 KB
30 KB 140ms
138ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/desktop-weather-ee8b471b0df46f744006.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

6d2941542d48d1d601fd4113febd03be394c3645ff435163ff5200867120943a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"6306003b-2262f"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 n_prc.png
static.gismeteo.st/assets/maps/ 7 KB
8 KB 135ms
50ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_prc.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ff33ff05a65a7275c4ecf0792cfd9010a6bfc139af4ca18fddc3f4674afc90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: bf37109c-2b81-42ac-80e5-8a0e43201925
age: 1062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7412
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "773ddb5c311bbd5c6045c933b0ba8878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhRlOFLiYZvKHjXeyYnuDfn6BCj1H9J9xRQmcYBe6H2MapB6KgwAnpQUimiT67kVH0s24SmRs0rdZyMHWHFK6x4FIUQRa0GS2VfjCPidcIR0eVKDJrYv1KIVIQ1PrXm9isLfiv9oynQT9fuq%2Fx31NeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.43545
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757dde75752d-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 n_temp.png
static.gismeteo.st/assets/maps/ 11 KB
11 KB 137ms
52ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_temp.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a56c205b17f172e198b8ecda86282e8e29a86d88d02a39ac120f527fc71bcd17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 420fde05-3478-47b1-81a4-8407f559c91d
age: 1062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11333
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "3eae37d0e2661370eb06e2d380bbbdf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjRxL7RKF7R8Dgx4euh5PREtDRphcqYNYbRVKo5X5VBN%2FysIdLI%2Fqd6LEpDS5ltgK9YzppcKCvcCNOPUXo4wSn2EWbEpXN2d0O45Xml%2BP5QrYSSEzuRwA%2B8yN%2FPMsYiXqzxXIr1R9J5ZuF9bWyeXe3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.44904
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757dde74752d-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 n_wind.png
static.gismeteo.st/assets/maps/ 9 KB
10 KB 136ms
51ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_wind.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d406d4745472525da74efe07425fa1c73865f524dccf430f6c0f0e85f6f06b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: d4fdce7f-9536-4c07-b375-0cc57ebf810b
age: 1062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9644
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "708edc4ea31887977ccccc22ec1bfc55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls03pYN6%2B%2FqyUtxcMqNPHKirjyBJNlDINPHspYYo%2FsFcuv8gds7%2B0MqFahVRNFjlku5qD7xT9wZ2u%2BOzmJtOvAqm7UoW0emDxKpreN%2FVsAdF8lRup4shsbKHjZzAsftsvuVrGvr%2B7iQIMIqYI85D2jM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.43534
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757dde76752d-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 n_clou.png
static.gismeteo.st/assets/maps/ 16 KB
17 KB 137ms
51ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_clou.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894aa20536ae6e99f77b8ea596211dc5a629e23fc3bd25be898f78612e245abc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 2e188f17-3d35-4ac8-8804-3878ca308620
age: 6840
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16673
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "1b7c0d26141bc5bb03c7724257285479"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY%2F7WSFeKH6JLRrOCBR3w8G54Ek7%2FZMDIqvY9tVC8%2FfJqj5T6fYDrBpwz3CZGHaNN5CYj5oPQkWBrGjrfbwv4wcK2SfeZha2DKzIMwtT2W054sy5nERP7pcBQFNuE0P%2BFnXSKhMn9L93f2oXHJL31ZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.60980
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757dde77752d-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 sprite-v2.min.svg Show response
www.gismeteo.ua/ngamg/assets/ 389 KB
27 KB 142ms
142ms XHR
image/svg+xml 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/sprite-v2.min.svg

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

8c5e9d95789ab855ee46c1cee4514ab3e9e1bc44f45168c36efe93587b81a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"6306003b-614b1"
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28afb0bf5088962ee2ab6ccd51361d8851bbe38b82cb49acc1c5730fcc25f033

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 map-660.jpg
static.gismeteo.st/assets/ 17 KB
17 KB 246ms
246ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/map-660.jpg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d48083fb1497fd8a18c60cee6cc3d02a5d35400774750a32c88e3df45aa6fb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 739c0ad8-1930-4c44-9843-a50f48a8c4a2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17025
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "40adbd6ea95113ca81ae8ffee32e5386"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VUBZqifkvmqf7Lv20VL0nJKOEpAWbtYP7n9DObGQH6f7JaAqdvST8q9fnqHoopOnf%2F9wjqnLAWuJpf6NAieoPmVZMGIs5cfZN69MjB29c%2BnSuvVY%2BNQVpVtv8DdX8qZnOM%2BPyg1s848Gkh%2FGjZ1ffg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1656507445.41023
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757dde81752d-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 feedback.svg
static.gismeteo.st/assets/icons/ 811 B
1 KB 50ms
50ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/icons/feedback.svg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65510155fba43504911909ebd5a89b33097335878ff825b6fd565d61a4688404

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: fb3e9e66-3a1c-4046-9424-4b5f31c97302
last-modified: Wed, 29 Jun 2022 12:57:25 GMT
server: cloudflare
etag: W/"c077383c0a4aa756b25856ba0429cf7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31T6fNomC38HcdvY0G2w1eZWUSJRykV5VZXBB5uLXvqEDrkRoEhEj2Fie1DetTcchzSL6p0%2B24vOmKo5%2BRGHuB5%2FqqwJHBOX%2FaZsbsS%2F9wOyITAoN5DTXmOgWvrvtAVfgYS0R4x9oH%2Fqt%2B5WXZ27qsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1656507444.46287
cache-control: max-age=5356800
cf-ray: 7419757e0ea3752d-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

POST
H2 200 z Show response
s.znctrack.net/ Frame 42CE 51 KB
23 KB 358ms
167ms XHR
text/javascript 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 579f5cc460eae1187e0176ec65c41f465ef76970f76eaa4b6573e3d321b690b2

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23639
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 485-447dfe3e3d396b360059.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 1 KB
839 B 106ms
100ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/485-447dfe3e3d396b360059.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-ee8b471b0df46f744006.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

130abfcf6a76e6eca3a26b5e28c9a3888f781b387f1c4738ab0050c62dc3f011

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"6306003b-4bf"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 943-7a0b66bc368077b88f81.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 1 KB
918 B 106ms
101ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/943-7a0b66bc368077b88f81.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-ee8b471b0df46f744006.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

c210a0a3eadddeb40cd8459858c28f2b7e294a75adafef7c13c9d1cc9ab9cb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"6306003b-4cf"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 414-537069c9394abb7e7a92.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 888 B
748 B 106ms
102ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/414-537069c9394abb7e7a92.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-ee8b471b0df46f744006.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

fe2afd17237c8eaeaa6ca240c0af8fcf7464920edcfac8816589ea92322fc31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"6306003b-378"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 142-a34a7192c37dd00992cc.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 375 B
703 B 104ms
101ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/142-a34a7192c37dd00992cc.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-ee8b471b0df46f744006.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

343258b367bfb47c4bcdfa53bb95c5552a89701e36b55396a433505f53dc64d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "6306003b-177"
strict-transport-security: max-age=604800
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 375
x-xss-protection: 1; mode=block

GET
H2 200 px.gif
www.gismeteo.ua/ngamg/assets/ 43 B
361 B 91ms
90ms Image
image/gif 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gismeteo.ua/ngamg/assets/px.gif?ch=1&rn=5.3574209600272

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "6306003b-2b"
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 px.gif
www.gismeteo.ua/ngamg/assets/ 43 B
361 B 91ms
90ms Image
image/gif 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gismeteo.ua/ngamg/assets/px.gif?ch=2&rn=5.3574209600272

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 10:40:59 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "6306003b-2b"
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 585a6cdff14bed65f7ab690f59527274_66x44.jpeg
rss-images.gismeteo.st/585/a6c/dff/ 1 KB
2 KB 161ms
48ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/585/a6c/dff/585a6cdff14bed65f7ab690f59527274_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8fd549076facade6d9bbc7d152c457f74e8c1d33cbbea2235013e33cb8429a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 717a6a1c-1eef-48b2-8e61-988250536c09
age: 3264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1329
last-modified: Sat, 27 Aug 2022 21:12:11 GMT
server: cloudflare
etag: "060d188a28dc4ca569494d220343356f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YQrjqY0Q5Wg1yk36tyCAeyt9YrvxXh7vNmd3qeuNBPYrQVs1fLDz1%2BiRetDU9McNNywEqCYk6xDokevfvTzVCJZLYNriuaKa25Wp9lea%2BNoTDqdsxjT%2F25cAoNokKqQP66HvoUgtPDv%2Fp5eYoyWqPBjfCkg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661634730.52495
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f4c6d75cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 bfde6a79e3020dab58274e39a937300a_66x44.jpeg
rss-images.gismeteo.st/bfd/e6a/79e/ 1 KB
2 KB 357ms
246ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/bfd/e6a/79e/bfde6a79e3020dab58274e39a937300a_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2638eaae9dc2402c9664742a634e8826efe152414b9e5336dc95f7a177e01fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 46f0964f-0b60-469e-966d-af086b3a4013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1422
last-modified: Sat, 27 Aug 2022 12:12:26 GMT
server: cloudflare
etag: "a21edf5355235e2ab59048282355eb0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGSowP3ZdHsiMugwGhf67AzzIJtIepOgzdr8hGiQB%2FWiq99l4irfeZCloWoAak1TlNQ6Kg4aji80gYDxzCkCkiRO9%2FO4Mbm5wrx5UQzbaCWq7DAeJhAgSM5nwr8IP39yaQyY00xdskyhMbIkl%2FXOnarh%2FFcg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661602345.00577
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f4c6e75cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 7640ba7e182791e1f8388adeee751592_66x44.jpeg
rss-images.gismeteo.st/764/0ba/7e1/ 1 KB
2 KB 161ms
50ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/764/0ba/7e1/7640ba7e182791e1f8388adeee751592_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028ece88a0bad9dae07f7157e17893a24694368f734d2868ce54109dac4eb1f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 2ccb243f-dc82-4ab5-811b-e213935c385f
age: 1652
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1290
last-modified: Thu, 25 Aug 2022 17:42:31 GMT
server: cloudflare
etag: "fd6e80578e0fa5a0ccdc63ea657b9e33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FEUuZLZvb6aPAlXuqz7S%2BQ5x8iWwmrNCnQCMWBwe3pR7GZPy74KaahJwXNgAP08TfunGFapHBQq7wHmVCf82O3Je0EcPJZQE6VfHCFOS1EdDXundLDoBZxIHIP9Qm2CZFS%2FFz8gXt%2FnJMj8EBsO0CbOxibm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661449350.20684
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f4c7075cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 3e102988b2decf813b07afb069d33a21_66x44.jpeg
rss-images.gismeteo.st/3e1/029/88b/ 897 B
2 KB 379ms
268ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/3e1/029/88b/3e102988b2decf813b07afb069d33a21_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28fa0ae8c014c194a5c63cfe418d5d21e3b8df63348d0bbb8aefab5de12eaea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: ae15f29f-9614-4cde-8cd0-b5525282e884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 897
last-modified: Thu, 25 Aug 2022 14:42:20 GMT
server: cloudflare
etag: "bc4cc8bf3b0c38f1524b50ec42616511"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR8cFjhKGjbl93WmcyEZ8pBd%2FCgyKRMI2ycVnTaIrHBbb4LMe4183JiI%2FBh7lSGsDjkKXXh%2Fhv1vfEgRcaICjtj995onfvIrgh36%2FwgHZ01gom2Ciko7CtYjkjQSyVEqOOOxgcp%2BKTktBqEXpWiSdbvQXInR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661438539.97239
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f4c7175cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 ecd45a63e14582f5e6f64761c2c850e1_66x44.jpeg
rss-images.gismeteo.st/ecd/45a/63e/ 1 KB
2 KB 357ms
247ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/ecd/45a/63e/ecd45a63e14582f5e6f64761c2c850e1_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a77be3f964fb2a81b4a76f77cf9e4b913721c0befbf1847987761a5f63745b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 11e34dac-7bc2-4caa-b1ce-cd730819b90e
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1409
last-modified: Fri, 26 Aug 2022 11:42:18 GMT
server: cloudflare
etag: "6472208b5677d48b193e3f0feed21628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fq1Qfe0%2Bk1sjV5OwTBJHNy0shlvNI3X1Es5pRIrg82Q9oC7Ei%2B6XdDI%2Fx1GG1kqw5DA7n73JLZIN%2BDeygmST%2BMrSHZgGDblm9cAfTGCfNdH%2Fq37hSq%2BUPGIxUtHf03rAKpjXzCrYGTxtpkgIbRYZ6QPhHK35"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661514137.94360
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f4c7275cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 284294208bc5ff2374e327f498efb124_66x44.jpeg
rss-images.gismeteo.st/284/294/208/ 1 KB
2 KB 361ms
250ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/284/294/208/284294208bc5ff2374e327f498efb124_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b8b0567f71ee43f2417ab43d85e6aac06f26c54f659d831826bb1fabac7ced3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 5d2ce3c0-fcfd-4c03-bea3-b345ad53cd9c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1223
last-modified: Sat, 27 Aug 2022 09:57:09 GMT
server: cloudflare
etag: "9c14a8eb99bcbc17ffb4f739ba0a0849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ubg9CSR8xVryoAi%2BCc8eiF%2FkFxL%2B%2FgxyZ22AKZpRifM72mBeIf%2FHVd2FZdxcom4B%2BIz55yan9TezecFUFxE58fNmvRVjAWErVYGXMyjX%2F3Z4gF6Z2WK4jkp42KJopeNrg0oJPvCqUYlop0SvoPBiLEb8RCEi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661594228.34182
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f4c7475cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 a58d4be596592ab1a379ad1b504dade4_66x44.jpeg
rss-images.gismeteo.st/a58/d4b/e59/ 1 KB
2 KB 266ms
265ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/a58/d4b/e59/a58d4be596592ab1a379ad1b504dade4_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26215e3689877a4ddd07c4fdf1b145aaab0b38bc296f603b14e37415e6ba9302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 48c5be68-2061-43c2-b6a1-ec47597aa120
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1452
last-modified: Fri, 26 Aug 2022 14:42:15 GMT
server: cloudflare
etag: "b396408f92d852ad8d82f948a62da386"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYi5yry1eU6pSlQqwSBxLUyNO9lXI2zhIbV%2FtXq8F7RBSaiUTTMcU4aFJapHSVgqZZBWbq3MsroInfa41YGZBem8twEb9P4zxbafPbs44ejrT2XVvepVXN%2FFjD%2B7QjHQv6ituFGp11LembVkDa%2Fq3JtV5avC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661524934.27274
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f7c9775cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 2b1f197046f5a921108b461e4b5b7db8_66x44.jpeg
rss-images.gismeteo.st/2b1/f19/704/ 2 KB
2 KB 291ms
291ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/2b1/f19/704/2b1f197046f5a921108b461e4b5b7db8_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a39f570427f003b3fe77c6a011ffbfcf96fa4f0ca741d2f3df2620473c140d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 809bc029-9a0a-48b4-adeb-4d8816a0accd
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639
last-modified: Sat, 27 Aug 2022 12:12:25 GMT
server: cloudflare
etag: "d948baff0e7866ea46924e2ec77b238b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0PjloA8eMnzJcA6NedjL6Rp%2BYBlt4qWDtoTKq6kh3kXxM5o0BO3yqSgulrjAV95af1uyNNaK4fkTXIkzkh0Ei%2BNH%2Fz4cFHwMZgwbRc4%2F6bwQPOENHraTZSVjhxyCFbjWrp%2BFEfAZZBv2yXlRlTuREGCIpgl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661602344.97017
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f7c9975cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 17580d30ae4fb208228e799639e755a5_66x44.jpeg
rss-images.gismeteo.st/175/80d/30a/ 1 KB
2 KB 267ms
266ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/175/80d/30a/17580d30ae4fb208228e799639e755a5_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b527e86d1e1355426b50d8e43523d84bf699ff3434a11db4f939fbd112ec335f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: b8cd9d0c-cf79-49ba-a17d-ab8b83a1aadd
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1393
last-modified: Sat, 27 Aug 2022 12:12:26 GMT
server: cloudflare
etag: "ce0ebfed9e0209518c4a8a888568edb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLT7ZOa3jXqO4xzVnfgfizelr7xNbjFq9kpXbHmjQwgmdJI5ofQTS3Av%2FM%2FT%2BbvL%2Fr%2FABrS3x4nPkJwPOd%2BRL4DLFyfEe8QQ%2FFVbh4x7v93d62D8q27zN7lHwtdi5EON4zLKRvuksNkb9XUJ%2BqYMhSmUNOGg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661602345.04740
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f8ca775cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 da173176903c6a7a369cbc5663a033b7_66x44.jpeg
rss-images.gismeteo.st/da1/731/769/ 1 KB
2 KB 270ms
270ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/da1/731/769/da173176903c6a7a369cbc5663a033b7_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ceef6b115a58d54ec71e535ed8005bc70638914e6210bcbd450c3a9a327cf4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 9746d8d1-8184-4630-8782-9154ff96fd45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1223
last-modified: Sat, 27 Aug 2022 12:12:26 GMT
server: cloudflare
etag: "81486084dcfecd80610a2936d44a5859"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08AV7lrwonfmngmYI6Kuv5UKxW7L77a1Afk0uzGu7vufofiuDP%2Bj%2FHPCYoJWZxed3adsooC3md3UEPKkMRaCWPN8yZnNvfTZtvPsssVN4EXFQuQB8azbjo%2BYH69zS6DN7OGPQYL3c3KiOU%2BHzlsN9PV%2BXLSg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661602345.05721
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f8ca975cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 9deea4d9187d5dc5e2f54e041496548d_66x44.jpeg
rss-images.gismeteo.st/9de/ea4/d91/ 1 KB
2 KB 282ms
282ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/9de/ea4/d91/9deea4d9187d5dc5e2f54e041496548d_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eefb758ec0d6ed2319696a5fcab07481672b952b95a8bccef85e6ede888551

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: acdc6c3b-0155-44ef-a457-b8f02ad370c2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1186
last-modified: Sat, 27 Aug 2022 12:12:25 GMT
server: cloudflare
etag: "471cb2b715077cdaf9b121b5ee876580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjjXp1CJlGCTFuBcbCFGKcKTRn326ZvEGbPyZQSLMQbj2Qtj0rzKFnHvEO0YXX65qn8nLQa4mqadzOsXFcEZJf45urzlU3MzAZ0CSZJXQDDgEBRwg1lWSZWZVE0tF5Crk2jenTuMuM24LZda3Gf0qsko2IE3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1661602344.95567
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7419757f8cab75cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 61ms
60ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=0&a=147016316&t=pageview&ds=desktop.weather&_s=1&dl=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&dp=%2Fua%2F&ul=en-us&de=UTF-8&dt=GISMETEO%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%2C%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B8%20%D0%BD%D0%B0%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%2C%203%20%D0%B4%D0%BD%D1%96%2C%20%D0%B2%D0%B8%D1%85%D1%96%D0%B4%D0%BD%D1%96%2C%20%D1%82%D0%B8%D0%B6%D0%B4%D0%B5%D0%BD%D1%8C%2C%2010%20%D0%B4%D0%BD%D1%96%D0%B2%2C%20%D0%BC%D1%96%D1%81%D1%8F%D1%86%D1%8C.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1761449922&gjid=1771060499&cid=897840707.1661652086&tid=UA-12105830-25&_gid=57684879.1661652086&_r=1&z=518287215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022082302.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
130 KB 172ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 12:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132097
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:23:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Aug 2023 12:10:51 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
724 B 176ms
62ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gismeteo.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69203082f1a1c36dc4a1668c84a1e46b9f660839dd6d4af9e96f48c6d8c0fdaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Sun, 28 Aug 2022 02:01:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 171ms
55ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12105830-25&cid=897840707.1661652086&jid=1761449922&gjid=1771060499&_gid=57684879.1661652086&_u=YEBAAUAAAAAAAC~&z=784513631

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Aug 2022 02:01:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 4D6E 738 B
519 B 61ms
61ms Document
text/html 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 28 Aug 2022 02:01:25 GMT
etag: W/"63049f42-2e2"
expires: Thu, 24 Aug 2023 17:02:04 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-08-23T17:02:04+00:00
x-id: cec-up-gc13

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 64ms
64ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-08-24T21:15:34+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Fri, 25 Aug 2023 21:15:34 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 84ms
84ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-08-23T17:02:10+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Aug 2023 17:02:10 GMT

GET
H2 200 fpdata.js Show response
galt.hit.gemius.pl/ 280 B
393 B 76ms
76ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/fpdata.js?href=www.gismeteo.ua
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 0187c990d35bb02b70d3260ecf0f1f9b4f522a2a201b134e8d6b9ce5e71f4a18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 280
expires: Tue, 27 Sep 2022 02:01:25 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame A940 5 KB
3 KB 253ms
80ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: 44cc200eabfd8d1f870e2c401a03bc753e471c1f5dfb518a208df9415a59e8d2

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2713
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 02:01:25 GMT
etag: PRIVATE7520710249
expires: Tue, 27 Sep 2022 02:01:25 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 204 /
loadercdn.net/ 0
169 B 731ms
91ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=720037087e108e3a&d=www.gismeteo.ua
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Aug 2022 02:01:26 GMT
server: openresty

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 171ms
56ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.gismeteo.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 28 Aug 2022 02:01:25 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1180
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 161 KB
41 KB 674ms
63ms Script
application/javascript 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 28 Aug 2022 01:35:42 GMT
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:10 GMT
server: AmazonS3
age: 1545
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P5
content-encoding: gzip
x-amz-cf-id: bmoAnQo6zpVO39l3ApsOFO-ONzPv086vSMsP0wRYDvEIjBT1PJS_9Q==

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=sIdFIXxtcXc4RUVuUkw3OVBSa1Q3QnVReWllVFB4TG5iM2RUQ3ZHd2NxeTJKV0ZaRC9naWRsR3cvS0ZqYy9uNE1RWjZpd0RVZ1BRcUVDbTl6OFAxTWNOcjg5UmdjclkwRVQ5eG1kOW1vajBkeVh1cGUrR2d5dzAxYnUxSj...

358 B
623 B

149ms
52ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sIdFIXxtcXc4RUVuUkw3OVBSa1Q3QnVReWllVFB4TG5iM2RUQ3ZHd2NxeTJKV0ZaRC9naWRsR3cvS0ZqYy9uNE1RWjZpd0RVZ1BRcUVDbTl6OFAxTWNOcjg5UmdjclkwRVQ5eG1kOW1vajBkeVh1cGUrR2d5dzAxYnUxSjlDcjVGRlI2NFJ5M1U1dVNaQzRzWW1Ld3lnTnNMajRXdi9NTTdyaDA3cHlIMmFoNndkUzFCdnpTeXQwSEorSlE3czhnVjRjWXNDSjJaN3pEV1d6NlJETERwZWVYRmRLbFJFWE5IRzNjbHU3czRvNWFJbHZNPXw&cppv=2

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

67b97aa87a6f7bbbc0a23fcc15946bbadd80bac4c5eda988db95fa7a25150be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2299
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
location: https://mug.criteo.com/sid?cpp=sIdFIXxtcXc4RUVuUkw3OVBSa1Q3QnVReWllVFB4TG5iM2RUQ3ZHd2NxeTJKV0ZaRC9naWRsR3cvS0ZqYy9uNE1RWjZpd0RVZ1BRcUVDbTl6OFAxTWNOcjg5UmdjclkwRVQ5eG1kOW1vajBkeVh1cGUrR2d5dzAxYnUxSjlDcjVGRlI2NFJ5M1U1dVNaQzRzWW1Ld3lnTnNMajRXdi9NTTdyaDA3cHlIMmFoNndkUzFCdnpTeXQwSEorSlE3czhnVjRjWXNDSjJaN3pEV1d6NlJETERwZWVYRmRLbFJFWE5IRzNjbHU3czRvNWFJbHZNPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2061
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ 216 B
625 B 668ms
62ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216620.ip-141-95-98.eu

Software

Resource Hash

f37222ba1c04bcacbc5082561d22b82a9c7e947e0dfabb097a5e4f64e8cbf519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Sun, 28 Aug 2022 02:01:26 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2

200

rexdot.js Show response
galt.hit.gemius.pl/__/_1661652085933/
Redirect Chain

https://galt.hit.gemius.pl/_1661652085933/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A...
https://galt.hit.gemius.pl/__/_1661652085933/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https...

167 B
473 B

151ms
151ms

Script
application/x-javascript

79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/__/_1661652085933/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Gs2wI_6JwX2MVY4kTE5Jz5LSvqKWHJsYuwsojRT03Ef.57ch4vGZw5rXZjnbPkXCgfWYEmeFjQsM4RDQZdO0XnMkATuY/PC7M0cEI.cLlj/&ltime=279&fpdata=-TURNEDOFF
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 9e37393d6f573fe5819635f2c25b4c9ef9a85e99a675229b2abbd124cdedcad5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 167
expires: Sat, 27 Aug 2022 02:01:26 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:25 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1661652085933/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Gs2wI_6JwX2MVY4kTE5Jz5LSvqKWHJsYuwsojRT03Ef.57ch4vGZw5rXZjnbPkXCgfWYEmeFjQsM4RDQZdO0XnMkATuY/PC7M0cEI.cLlj/&ltime=279&fpdata=-TURNEDOFF
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 27 Aug 2022 02:01:25 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
637 B 624ms
77ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un3VynsDJaolZTDPe%2FNIOB21nv4he5Vff9H96vOEsZoC9jJbc%2BKmfVVMATCcuuNZzOCYbjLqC4PQcrskcrh9jv%2F01OshrfvutgvdSyJOTX7iqZczQn9bWUUh02nPnY7t1ueboIVHTe8atUsg21jl2Z6gzoE7"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 74197584e83788b9-LHR
content-length: 42
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 11 KB
7 KB 754ms
208ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c05733753a43a3444c66e94bed42acf77d626d5bd1a07a459a6dbb806bde84c3

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFjHPexD5mZWfy3BGH7cyaFGBrYpWcP7PvBM1wKo%2BgzsV2vPqe%2FG3vPW9SCQeyzsnxwClNNTYzCmkbnFjbt%2B3u31EXWAHoqCtWPKqUPYStfeWe8TnsOOpNZlRCw7I6S31hqIBPN7xg85i1mZHmM%2Bkg4aULnb"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 74197584e83988b9-LHR
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 585ms
57ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Sun, 28 Aug 2022 02:01:26 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST auction
rtb.adxpremium.services/openrtb2/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 591ms
67ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Sun, 28 Aug 2022 02:01:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
639 B 697ms
168ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=657865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222987dcd1a8922c2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22945%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22309b9342beb40da%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_top%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22313fb22047fb7aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_top%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232d52f76e21c8c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_640x250_middle%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233067281d9df44%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_640x250_middle%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2234176ecf8866a23%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223541179aa017b8f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f70f7f2fd46bf379c73263e07a52ea27eb6157f55d7399cb0487de0684069e

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 28 Aug 2022 02:01:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNZ1Dj6wLtL75%2FGfk39oVqxtM9G2nkDJR4GkEEbuHGS6p3F0KV7uD3tipiiYrPWt1o4R4LTxmzAw4iMaD8w57NUskgTQ3d%2Fx2AK7c%2FCl0kBDUSA%2Bc0E3yJDAALJYH1Q4H1Spxhd2"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74197584d89d887d-LHR
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 15 B
488 B 696ms
162ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwMTQ3NDUmdHJhbnNhY3Rpb25JZD1jYzhkMTU0MC0zMTYxLTRmNmItOWNjMC1hNDg2MDRlMjRiMjc%3D&bWlkPTEwMTQ3NDYmdHJhbnNhY3Rpb25JZD0zZjg5NmZhNy05NTliLTQ5NTgtODBjZS0zMWI4NGJlNGMxMTU%3D&bWlkPTEwMTQ3NjAmdHJhbnNhY3Rpb25JZD03YjNjOGZlZS1iZGYyLTRmYzMtYTAwNC0wMTAyM2FlMTczM2Y%3D&pt=gross&stid=0a21d92f-048e-4110-a05b-92f3ab1f7371&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjZiY2MwNmFmLWNhZGItNGY0MS1hNWFmLTQ5OTA4YTliZmZhNSI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.gismeteo.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 591ms
60ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%22e4047fa7-2ef1-47f2-ac37-e2eb4c56275e%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22cc8d1540-3161-4f6b-9cc0-a48604e24b27%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%224189be3f938e758%22,%22bidderRequestId%22:%22402cd4259dd5a3f%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%223eed7b20-e4d6-4754-8d81-9e1f39471dfb%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[640,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1053cd16186dc2971ad9%22,%22transactionId%22:%223f896fa7-959b-4958-80ce-31b84be4c115%22,%22sizes%22:[[300,250],[640,250]],%22bidId%22:%2242ac5fc2126b151%22,%22bidderRequestId%22:%22402cd4259dd5a3f%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%221bc37e72-499a-4a34-8c41-e6aeca80a400%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22div-gpt-ad-614315f45f18840a44c3a980%22,%22transactionId%22:%227b3c8fee-bdf2-4fc3-a004-01023ae1733f%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%2243ce2571d7893d1%22,%22bidderRequestId%22:%22402cd4259dd5a3f%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Aug 2022 02:01:26 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 586ms
56ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer1%22,%22params%22:{%22zone%22:%22562c275c-99d5-416d-931e-2af05a87a112%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22cc8d1540-3161-4f6b-9cc0-a48604e24b27%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2245245da4dc82bdc%22,%22bidderRequestId%22:%22442edaddbf536d9%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Aug 2022 02:01:26 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 582ms
53ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 580ms
51ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:25 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 648ms
119ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:25 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 5 KB
2 KB 861ms
340ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: c8a72ec1f1a4635013511eca88ced2449ae3035762d87c48658a4329bcef9489

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Aug 2022 02:01:26 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1252

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 49 KB
12 KB 690ms
164ms XHR
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6783d5fc381c850006df213be6f9a25a599360cbd81a6ad72825af8efe653b62

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Aug 2022 02:01:26 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 63e8c3d1-f40f-40e6-b5ba-9ff5f4e8c450
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 582ms
56ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer2%22,%22params%22:{%22zone%22:%228eeeb07c-14a6-4155-8645-280af7717e71%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22cc8d1540-3161-4f6b-9cc0-a48604e24b27%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%22589524edd4cdda2%22,%22bidderRequestId%22:%225718aff5371461%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Aug 2022 02:01:26 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 672ms
106ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=715140&size_id=15&alt_size_ids=10&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=6bcc06af-cadb-4f41-a5af-49908a9bffa5%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=cc8d1540-3161-4f6b-9cc0-a48604e24b27&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.691103337561983
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2f993db6e30bbd94ee90badf25d83ebe65d8eaf4598d458bd42baf0fbb657d1e

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 670ms
105ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=2028902&size_id=15&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=6bcc06af-cadb-4f41-a5af-49908a9bffa5%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=3f896fa7-959b-4958-80ce-31b84be4c115&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6506959427495631
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 363c6fac5b3f75edd2474d6a8c8b0e0fc9631c26a1539ea7ef245bbc102ffc24

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 667ms
102ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=706518&size_id=15&alt_size_ids=10&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=6bcc06af-cadb-4f41-a5af-49908a9bffa5%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=7b3c8fee-bdf2-4fc3-a004-01023ae1733f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9615546317370252
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0fe46bc11974108272971ce38f0d466dbacf7bd9d1b8bc14064e68d325a92c15

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 588ms
65ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0&cb=71595572304

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 28 Aug 2022 02:01:25 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.gismeteo.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 587ms
65ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22a59e8cd9-62fe-423b-93df-8dd46ab09227%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22cc8d1540-3161-4f6b-9cc0-a48604e24b27%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2268ca2740f2b4236%22,%22bidderRequestId%22:%2267719dd66a7244d%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22992a8906-465c-43f3-94a7-f1925a5931d2%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[640,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1053cd16186dc2971ad9%22,%22transactionId%22:%223f896fa7-959b-4958-80ce-31b84be4c115%22,%22sizes%22:[[300,250],[640,250]],%22bidId%22:%226905320d7d118c1%22,%22bidderRequestId%22:%2267719dd66a7244d%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2272bd4b55-3db2-4cde-919a-6045c3eb9e9e%22},%22userId%22:{%22pubcid%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%226bcc06af-cadb-4f41-a5af-49908a9bffa5%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22div-gpt-ad-614315f45f18840a44c3a980%22,%22transactionId%22:%227b3c8fee-bdf2-4fc3-a004-01023ae1733f%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%22704982bd0d2f2e1%22,%22bidderRequestId%22:%2267719dd66a7244d%22,%22auctionId%22:%220a21d92f-048e-4110-a05b-92f3ab1f7371%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Aug 2022 02:01:26 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ 73 B
377 B 584ms
63ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cc8d1540-3161-4f6b-9cc0-a48604e24b27%2C3f896fa7-959b-4958-80ce-31b84be4c115%2C7b3c8fee-bdf2-4fc3-a004-01023ae1733f&nocache=1661652086001&pubcid=6bcc06af-cadb-4f41-a5af-49908a9bffa5&schain=1.0%2C1!setupad.com%2C945%2C1%2C%2C%2C&aus=300x600%2C300x250%7C300x250%2C640x250%7C300x250%2C300x600&divIds=div-gpt-ad-60db1014cd16186dc2971ad8%2Cdiv-gpt-ad-60db1053cd16186dc2971ad9%2Cdiv-gpt-ad-614315f45f18840a44c3a980&auid=544016144%2C544016145%2C544016146
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 51f95e632f7eacb16867bfd50ae647a58f9a995faf6796e3f8ac459f9d308bef

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
911 B 577ms
64ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 331ms
56ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 28 Aug 2022 02:01:26 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1617
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 z Show response
s.znctrack.net/ Frame F470 102 B
451 B 88ms
87ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: f17e298573af53fdf05d24ea1b1f73b68382bfd7196f45d70e9256110e447f8c

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 28 Aug 2022 02:01:26 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 55ms
55ms XHR
text/plain 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gismeteo.ua&pubid=fb12f96a-c574-4c9c-aae0-d4c14e79bb3f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 00:38:20 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server: Server
age: 4985
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gismeteo.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: hW0usY0yn2pIbYLQ4RYFjAyd0WprPAaYBw9erkYLKQI4L4YE5m1Kqg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 97ms
96ms XHR
text/javascript 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&pid=YFi4ywt4y9CZ7&cb=0&ws=1600x1200&v=22.8.221912&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-60db1014cd16186dc2971ad8%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_300x250_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-60db1053cd16186dc2971ad9%22%2C%22s%22%3A%5B%22300x250%22%2C%22640x250%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_640x250_middle%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-614315f45f18840a44c3a980%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_300x250_bottom%22%7D%5D&pubid=fb12f96a-c574-4c9c-aae0-d4c14e79bb3f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.108.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-108-49.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:26 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: NXQZXZZ7E4AKMXBTK7QD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Oa6aorsQs5LF9lGpo2ovZBKg9-bGqD9ZAYDM5MTe0LcMsjxQgIv4yA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 164ms
54ms XHR
application/javascript 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 24889
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Sat, 27 Aug 2022 19:06:38 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: CMELnNvAqQ-jpMkjzlVMGqVT1zCozc3GNT2H3l2UxbyBYwNdJL9PvQ==

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 62ms
61ms Ping
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 checkmark.svg
static.gismeteo.st/assets/icons/ 169 B
931 B 103ms
54ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/icons/checkmark.svg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df94b012428d4a6fdae47f60cf86ffc6eb3e3d115ba5a3e71a287f78b35074db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5070
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: b49b9f2b-cd47-4978-9a34-0d39ff97cf01
last-modified: Wed, 29 Jun 2022 12:57:25 GMT
server: cloudflare
etag: W/"1b71e1c78d20a8e58d00da0f8828469b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfH%2FyuESuvRGYw9tSIuwnk7vwv8u%2BQDMeeXy2SA4mB003FLvMaitetkk%2FY9JzcV%2FOJcYhGJ3kaml4eGb7u6PzJC8KwqNbJwSlD2mbyQ5uUTgZSyYf2C2Uvo%2FrPCSMDsLv%2BLwlg52c1gnwkpwt%2FUpktQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1656507444.30036
cache-control: max-age=5356800
cf-ray: 741975866e3c76f3-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc706da7708489e7e72f770c368ad6b362f7b8be58eb221699df21b97eb8fb80

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75d19b9bf5745d06ab4472468c07fd174802282448222f92bee9d8cc0319116b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 537 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a174b4bf00eb83e8211d8425b45e6785b1af25b1d7df7d731cafcb37dc580e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ Frame F470 176 KB
55 KB 68ms
68ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-08-28T02:00:19+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:45:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 179ms
62ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gismeteo.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 02:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 183ms
66ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gismeteo.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 02:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 1181ms
1070ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3775869796212765&correlator=497219189511569&eid=31068458%2C31069104%2C31069153%2C44742767&output=ldjh&gdfp_req=1&vrg=2022082302&ptt=17&impl=fifs&iu_parts=21802255954%2Cgismeteo.ua_640x250_middle%2Cgismeteo.ua_300x250_top%2Cgismeteo.ua_branding%2Cgismeteo.ua_300x250_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=640x250%7C300x250%7C640x260%2C300x250%7C300x600%2C1x1%2C300x250%7C300x600&ifi=1&adks=2829782640%2C2373899931%2C3626824864%2C3942581656&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26hb_size%3D300x250%26stpd_pb%3D0.00%26hb_adid%3D79a98b2a992c54e%26stpd_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26hb_size%3D300x600%26stpd_pb%3D0.04%26hb_adid%3D78f161ad04ffd8%26stpd_bidder%3Dappnexus%7C%7Camznbid%3D2%26amznp%3D2%26hb_size%3D300x600%26stpd_pb%3D0.03%26hb_adid%3D8297901de3c36c7%26stpd_bidder%3Dadtelligent&eri=1&cust_params=g_temp%3D15-20%26g_lang%3Dua%26g_page%3Dindex%26g_city%3D744%26g_country%3D35%26g_region%3D753%26g_weather%3Dsun%26hb_rf%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1661652086898&lmt=1661652086&dlt=1661652085281&idt=607&adxs=310%2C990%2C-12245933%2C-9&adys=1038%2C275%2C-12245933%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&frm=20&vis=1&psz=660x270%7C320x270%7C0x0%7C0x-1&msz=640x0%7C300x0%7C0x0%7C0x-1&fws=4%2C4%2C132%2C2&ohw=660%2C320%2C0%2C0&ga_vid=897840707.1661652086&ga_sid=1661652087&ga_hid=147016316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e5e2dd50bba8024e8aa1a26090afd3babd3afdf91c3421295df5145687e4553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13139
x-xss-protection: 0
google-lineitem-id: -2,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 176ms
67ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2469fc90b25637ad0040a74eda930bedb080c43925a53c1918199899344dd51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 02:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11101
x-xss-protection: 0

GET
H2 200 container.html Show response
8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B3AC 6 KB
4 KB 205ms
62ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 02:01:27 GMT
expires: Mon, 28 Aug 2023 02:01:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
29 KB 170ms
57ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:27 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:45 GMT
server: nginx
etag: W/"62fb454d-15cfe"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:01:27 GMT

GET
H2 200 xgemius.js Show response
galt.hit.gemius.pl/ Frame F470 57 KB
15 KB 79ms
77ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/xgemius.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 9709536c63c0fe7d46b59bcbdbd32a33e8201d32316674a742d003c767b2e2b9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 10:49:02 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Sun, 28 Aug 2022 14:01:26 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 183ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 02:01:27 GMT

GET
H2 200 fpdata.js Show response
galt.hit.gemius.pl/ Frame F470 269 B
365 B 76ms
76ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/fpdata.js?href=
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 8b0050009ddc2e0fe63b1894a7493a169ac85e98d1dd64571328e028b7eacc0b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 269
expires: Tue, 27 Sep 2022 02:01:27 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DAC6 15 KB
6 KB 59ms
59ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gismeteo.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 02:01:26 GMT
server-processing-duration-in-ticks: 3486
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
29 KB 183ms
62ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:27 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:45 GMT
server: nginx
etag: W/"62fb454d-15cfe"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:01:27 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DAC6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=gismeteo.ua&sn=ChromeSyncframe&so=3&topUrl=www.gismeteo.ua&bundle=O5xk919CJTJCNlR0dE5KQmxnWlQybFRUZ2tYbFd3V20lMkZmNSUyRjIwJTJGNnZ4MENtNGtX...
https://mug.criteo.com/sid?cpp=MXPWNHwraElESlE3dklLWGtncmZvYnRHb2VST1cxS2ZCOGhsdVgxSmlwZm9IWmRkZEZHeVlOeWp1Zko3UmxyVEo5SXlhU2xvYXUyTndiRllJb2hVTmpHTC8rMGM5VHBNZkpVRlpGQVY2Wit5aEN6RStLbElqeXlTMXViZm...

422 B
629 B

52ms
52ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=MXPWNHwraElESlE3dklLWGtncmZvYnRHb2VST1cxS2ZCOGhsdVgxSmlwZm9IWmRkZEZHeVlOeWp1Zko3UmxyVEo5SXlhU2xvYXUyTndiRllJb2hVTmpHTC8rMGM5VHBNZkpVRlpGQVY2Wit5aEN6RStLbElqeXlTMXViZmp1RnB1L245dVJQWkNlUnFLSDQ3anNNUCswU1oweElqT1pFM3ArZ2xEUjNEWXhVME1FOC80cnl3bkw4UEUwMmM3cWhIVUxCYno0V0lUbGVJQU9nK1JvKytPYkh0c2I0Z0hRU0xIdExhdTRETDdSNGRETHdaYVhTdjBuUmR1UGFJSkkzdXo3N3VrcGVWVStqY2s1NWVTdndhdVhHYXFpUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

fb185961dd211f6c6c248839d0e6bdf7a54610c889f7de21c084f81ae05cc0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5411
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=MXPWNHwraElESlE3dklLWGtncmZvYnRHb2VST1cxS2ZCOGhsdVgxSmlwZm9IWmRkZEZHeVlOeWp1Zko3UmxyVEo5SXlhU2xvYXUyTndiRllJb2hVTmpHTC8rMGM5VHBNZkpVRlpGQVY2Wit5aEN6RStLbElqeXlTMXViZmp1RnB1L245dVJQWkNlUnFLSDQ3anNNUCswU1oweElqT1pFM3ArZ2xEUjNEWXhVME1FOC80cnl3bkw4UEUwMmM3cWhIVUxCYno0V0lUbGVJQU9nK1JvKytPYkh0c2I0Z0hRU0xIdExhdTRETDdSNGRETHdaYVhTdjBuUmR1UGFJSkkzdXo3N3VrcGVWVStqY2s1NWVTdndhdVhHYXFpUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2123
content-length: 541
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AE7 13 KB
5 KB 164ms
53ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 19409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 20:37:58 GMT
expires: Sun, 27 Aug 2023 20:37:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B632 783 B
1 KB 179ms
63ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

741b390ad163d4b583a0fc40dc9fba935c4a4191ddc8fc322c59ed5dc227f4f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rEogwdr5AHWL1RbYgmugcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-rEogwdr5AHWL1RbYgmugcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 02:01:27 GMT
expires: Sun, 28 Aug 2022 02:01:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AE7 36 KB
14 KB 163ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 18:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 18:09:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B632 0
0 188ms
88ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082302&jk=3775869796212765&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2AE7 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z22bWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D47 6 KB
3 KB 171ms
61ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 02:01:28 GMT
expires: Mon, 28 Aug 2023 02:01:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082302&jk=3775869796212765&bg=!bm2lbSnNAAYUOm8VNDo7ACkAdvg8WjB5MnNtn4bxJFBC6ZNei8G9AJcFcB1ubFsJ4QdTNvTkbz0OJAIAAABQUgAAAAJoAQcKANtfG1VAIfAPSXw_wyVSVpLL3JY73DwWxBR3HceYGy7xyiEqJV6_AyqkyY10g1n4JBQIcvwGbRrRDbGUTi6aJrMgu36pmGQNZg1QH_aa1Gim7g9zbd6F3d_ykMrTWYm0_IpjYGMveOeXI2rnyUF5lW_KJWlBMLKZCVNIkCGL5cRGG0FwRHaWAZT0vfTnEuTU-SxlWr9_1NQJJakRDWG71LJbUkhEKUBaA5xwXVXvLHWi5TESUPP-QjCbgsIGe6rUbA6Zh2AC01pwya2xc-UGvWWpyV7QVXkJDuqYeWeZArX57Z7imtznx5uK7kNXVOAxEgBGaKjGUUR9vNWmJs52D4kt1_BXCPqXhHC43IdmtxsszgD0dPdXvUdpkdzXuZkv4ZrzRchk5Bv1SFN1GMNMlVPFrPj4mpdWiObMYXaZl2wZ851FcnN-afqxHw0Ccwqhuxqjg0r7D7MQQU2CTcYQ7LiPyw0S8xy3OsmQxbJxGBLOrvPDnRlgSj0_yhBPDuAvkHDkwgakJNYQsssjwAzOihrX4CuIojS4Uo7hMn4f4_I2UxlRIN6_GDGB3ynwmiphBXM0r8pSQgbibDGv1ODZGiibqF0nMJGNfbTO9lElpNNvs3d0W2lJJd1o18GSTAv7gUSJo08b-0HmEt5iIvPvaLsv90ts4o6JvmR5LiP1M8DeJ7q8yt_MW1MzuWZ0bSId2zi_xPJ-4RvXOx51nxM-QDpOQd5caJA0UqsYOP2O1wVGpNd-aS83cA2k0xEsk2FINf8Lp-Q7o0b36zyV3r7gErkD5xl9AaC5NIFnrQdQKzaidLje9JdP0pzsQRuctcY6BbvfkDIjN3apkYk481ReU4DRc_pgS61MMyD6kyjffRLUpAdOy9W-Xbgclc6GjqD3uVc21EOwVAAKJQY9peo65BTbIvJYl8poQCGbc-9HST9mIwawseuY1H4V8zcNyXDvap30vbdv05jb9XZt7K39PUy50ApiB4rj9CiPC7c-riBf89h8YBv4MZjYzdcI-HxAZ1NsQ2D0TIHhQV02Sq-QgCrZGFGJSOJQxaZSWopKfAms9GBEwPhIQSbK2W7notkItnsxxrT6vfOIZY_gRhaECfO_Aqht6SX4SRsUeV3Re7Edq5F2oRwp4qv6zpvr6KTL0wLhAmKsZled1O2cz6jnwI7zHSw6RjJllnjHcXMptHE2ibDaeLGNf-Lb1qk1t1D6jJGHm3M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B76E 624 B
974 B 182ms
65ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJG9580BMAE&v=APEucNVr32NKoAxgx8MjCR4ekzJ1ifXSEkSnpEXuf7zcR8pMuiz6dnb4XAn1L8XDr6WSaYxuDMrWhTXjhbyBXaenhXIC4NEbrnHwKVfxjLSCKGSVAhg72G-4HfYjLyOHgJxdPr5YXvuq_NvNvoqOP7Ql__OZE8gdFsyABykexXf7_LP-T_pUOE0

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 02:01:28 GMT
expires: Sun, 28 Aug 2022 02:01:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7D47 94 KB
36 KB 230ms
115ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Av1g2TPGrPGLcW6NUJjhpJZfygMxp8pflu1C_0_2bqq5cS1GstJQRcwwlWAZjgPVnKEqzWenFIRPfzdyrt9tfE866GUg&cry=1&dbm_d=AKAmf-CjdZYPw10TRwSiTTwHM7YkEp7yO9wqkgJZDa1bPq1R2gsVJTE6zxbFt0wkYTgcWNcjsjIWuSWa__A30WWuxKfP0aWF5_dWL-_BkD2MIx5rYTBdqpervHYSVGIFHrXq51jckPzT5oH862lnjQJ6LsQOMmQE926OFz975oyErXhWEkJqFDmo_qgDGAgDBwQAE9cvRtL5MfPuMltCfxeqbn0xwkGCTPR-A_7pccooErC_6-pczUaWcFtvMrqrF3ZQMABf_CfYAmP1FY1oOMUiZ_XpFy4F50CFEbJlOeivTGG-JwynsqXC5UxMZG6ZITu6haL8ZHa6AmFcXpiSyOAhxHxDshSt0o2KYoAxHrJhrANLCj9zQkSWiEPSUlRs9c72dSZoVxP3mXUFpXhzLEg7K3WGFwRcMNPBbqIFzQQHM-KTZdpDHl92dBQ8ou2n9OnkIQ0jZ3usZnM1i79uCaTmgjLwnlpwk9xKlBwQUNJwEyBgbXzh69VsNELaFdJt5dWzV_qx1WMfw8VpqfQbuEk0c6PqwH6-IsZU6-56H5qV8-qo3xArsQUjw34v1u1jslLPwi1kY5ODT_IKV0RGXFs_HqufQCsxKp0840FekwX3SrwAU_cG7oqoWpw5JU2EM3Qrecyj4SPwbDMl-48TLdVe0jXdBBTmYAuW47_cElDSBhWVicIX1fvTBtK40qke7Zk8w1bc5IGO466pw4tXfXCePU-xSWjXySgn9D7lSaQi9MOQI_dM9qsumjSmmgxG3AbbpsFm6z4O1bINcJdc1GkzkDWCU4w9RBPjNUTK7wy-NFD_noFdjuR27wh3LRpg2Cz5OOl_283AcOtKZr3rGGBE4byosw2EOAczgkbVge83axH9HBFCHg3TbVvymS2_7CE5bEJ-nFnmvxAP74ZKlF0QGZQ6i5LBXzxA0tve3_T9cf50PZp8ZTwqypnDysDkSUK7LjLv-cRBghdjKTZfOQEuGPKMHKMscceuVBACrG8WCXLGMiNtqrmOKo5nifx3qi7KQ9jt3H1J5NSqK80_Qydi2FpEsMC7sYlL11-R_-uXOMGqfJko5UpyWlVdRzJ-AKxZgcoWZQJZkrl85Hcazj7CLZRq1iEEcZBGbzzTYFHMqr2n1SSemO4UPdxRluQbxaykx74cP7cHmO_soxhoynZbA3CO5TZDjLUxgFH212qE5aFX-wikoBHSSq6tn87cg1iD_yiSz1opNKweWlt_CL0RFEeg0hqIgw-oCP3Dxd2wBKeMd0ImKNRLjQBoQWK5ElSLWzOENmjYn6qkpvgLTle3SO76G0x8HAvjLMr4bB_An1ujmYK2yAYzgB59s42ikdMf-cw32DTOMeEU329VNk2uuJd3JG_3ro5C3eammDY1mCEqNLX900EinziW_Svvj2SKuj-frhFv53RzB34bQaqScX6YTYzjvDnHfnCuJYZTt0SK-G0yPMatKOxKzj5DAm0GPmw68zIaK2p9nZjw9rQb_hDTM7erqi5dWC1HFYJtKOG5beYyNcHzZlYiRrFr0ouVpVjCOmfWRV15UV05FMYcfzbf5aBebreB7YMUFGrDzLWr__JAdVHy7SlaUwQfJc88cS82LkjRWdQLK7Y6ZsCwpIhFW8pFBlMj-LfPDGr9S8EnPBQzD0pP6zNiPIxV5sFt5U_evE4dtKpcOKIWKUVLVyeVEkb87yx3DRy8rBCn7GOpAvTGucureZ3SBCP0XhH89Y9PJgfNTmX6HW_EnkhICnO2DtYxUgMlA_KOi4NiqR640PkyTvZ4ixMuPkahzyqiJoWHOj56n9D3IdKg7nUszm_hKibupMvKEMsryHBs_DR9mhFTX-0MzSrf3f0E5uGvrUVC-tBRdv87SX4Dno9kBYTEV3QuifhCmsa1OuAY1EXFEcXFgFFE93RSug7cKL0EPlgxIJc3BjfKl9RCM23mhAvpcZPabNKzB7KHwtrUT3RaXOWVQXdAER7i4kzR3wnBC2I8EDMzkS-K_1ikloAtJvqz8y0cQVaaCDrBD-7pFzCF4U6o6RoNxLgamGyvQ0dXiyq_zlol3Kokcx6F-9PGaqgtEAU1mggUxU5K2yjx45cK3RjKxyr1J77PFaGzBDR6pivN1J2r3ZugINoASMDMoHh4XD967HHVKO6LG8zI9TqXdroJqvWMY6uKVar6LVeV_M8a9YgODSN6KIO2uCrJJ661PvOewRwI68CaDdeeCi_TdGBBF2_wQi4Wil3YuaFYwsAwWg83pzv9P-NSKKMKg9ud-rimuty_SKilrZeyvVbBrPS1lYnQGVKe4Btc32RbGTOm5x4b3l89pmADcBuXF0Ta0UC0kC6MYZpMuySGzSGaP4je2q5AtX2SM40dCYO01hZ6Zb0m2F256BuoS3k2PWcObTH-PrJCdpKyPRPJUOQTXOovKaCb9DSy-pql-AkDWBTyC23ekqaZtEC-sFGTOM6B9brkvMP7VP6q6N6XGcgXn9OWgFnQJHd20RtpHhmc8TBdh6VQzAGNiG9WT15sdK6sSL-U1iNHUnihX5RiP_lODz2qLT9wNNMAYEgs7p5CdroNKgO0MnKlGJIxCl8yU6SHpBMTcSuH9XfsqYWpKWCc98HQA0BVYqgjp1FmKiMk5WvdEoYfoECHWOBisUPe0waGhIJtBLe4NHrSEArFyvHMGATSeHp0Ufg6dg3B0B9I2RH_x-xEs7UJkQMFQAXtoFXao57tkT1BFlKU86D29c512Qn4RgWFzkqRW8thdtrA230W7X_miCwhqa9y8h_TpF9vey-yrzyMpdovY_4bdxaxfEEwrJGWFEbjmB_elgNLvyEDnu5eI-EEJb-UHLv8rQ_OAWsET8oWgbGbq-kn_ASbDxnucWfE5SSBrr3H9GbKpdIJo4gZMn3mdNPMZWOrMWqKGQSK3ujnGB5m2KLnNZM7aM_acc6ZYVyR_7Z8qFSWjlQynWjnbMAxttB8ssh5sheooXpAjM1L6Tsctc99id6QpVHVDiON2J9Jt3ZrvpIRmmFZgtABB-aBoLbjBUnfBsTVdLEoqEEl-HzyI_GgPNUBeJIymcTNLTj5J9cto1y6-0qIYg9Bvie9NcYuDPbHVX4m0Eb_vpHnPLu7FTnzuzDHN1r6mowSGXDB5IvTGOcCkRcbiLyo-vmEtC7NVKAfa1hVh1rYQcuFaRT-Xp_-kMY86ArxwLcVJLNkusqxXRxGJj14BG0VF7hwnzv1ZQw1N4P7C65dZA&cid=CAASKORofT4RYH2fQ-wR9PVeofU1h0yLFevJOquslspcvr8qsC22M5ViGsQ&rfl=1%2Chttps%253A%252F%252Fwww.gismeteo.ua%252F%240

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

550ca3eec3594bf185dfb22fb198cf60d06c88abcf9bf7a66ff0c187a534df08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36781
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D47 42 B
63 B 91ms
89ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlppmtrVJixFhbBpK8uFeff4-qERQzJ4MIgC5esP6PIyLfG1hQU9dpyzn445WT-0egy1-vhJIJhWNMv81aS-69eQWH2-QyAvQwkx_C4CP1yMTkwjg

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7D47 3 KB
1 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 01:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 01:36:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D47 140 KB
43 KB 1108ms
998ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 02:01:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7D47 17 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 01:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 01:36:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7D47 0
0 175ms
62ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTC-xUSAEEMAb2IuQ_G00ged-eeWqCiUxKh_HK-mLEKF2ih-AEcYdBJWGgY8GYZMKNsUyu26s6kN510dsQmE78T6qQBQ
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B76E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFsftogDXsfuc3bFQAfXHbo&google_cver=1

43 B
911 B

93ms
73ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFsftogDXsfuc3bFQAfXHbo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJG9580BMAE&v=APEucNVr32NKoAxgx8MjCR4ekzJ1ifXSEkSnpEXuf7zcR8pMuiz6dnb4XAn1L8XDr6WSaYxuDMrWhTXjhbyBXaenhXIC4NEbrnHwKVfxjLSCKGSVAhg72G-4HfYjLyOHgJxdPr5YXvuq_NvNvoqOP7Ql__OZE8gdFsyABykexXf7_LP-T_pUOE0
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 74197592791f770b-LHR
pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibPN3vovoq7mHLyX7oKsd8sGfSuBSkPJHFiSWpTUO%2Fyp3Y1OLyfDMVdw9jh5E6XIrviDrFUG%2BJKCWfDRHUMo5C%2FvsjTlSi3pDXaYyNbkCuKfQpO%2FT3z7hwwFNbC712Jr4O7e5t5b%2BXmBJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFsftogDXsfuc3bFQAfXHbo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B76E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwrMeAWR14fcP5bQa8f0.AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpCq3wuFSceutzHiaY9vNc&google_cver=1&google_hm=2

43 B
909 B

79ms
79ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpCq3wuFSceutzHiaY9vNc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJG9580BMAE&v=APEucNVr32NKoAxgx8MjCR4ekzJ1ifXSEkSnpEXuf7zcR8pMuiz6dnb4XAn1L8XDr6WSaYxuDMrWhTXjhbyBXaenhXIC4NEbrnHwKVfxjLSCKGSVAhg72G-4HfYjLyOHgJxdPr5YXvuq_NvNvoqOP7Ql__OZE8gdFsyABykexXf7_LP-T_pUOE0
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 741975940b39770b-LHR
pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8u8BpR4eeBFTFgaUuxif31LuGWYCuCU721CxaLRDRb6rwBtIM%2FJTNRjiBzUHR76bbZYkdg5vEKqeeotTAbIqEYGdZ%2BaF6awBzd6SoUF%2B9EIwzyIE%2BeUKOjwuf99nEjW1vArXCOVX0OA1Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFpCq3wuFSceutzHiaY9vNc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B76E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIJtXWEP4vnEHNDEfIV90H0&google_cver=1

43 B
1016 B

56ms
56ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIJtXWEP4vnEHNDEfIV90H0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJG9580BMAE&v=APEucNVr32NKoAxgx8MjCR4ekzJ1ifXSEkSnpEXuf7zcR8pMuiz6dnb4XAn1L8XDr6WSaYxuDMrWhTXjhbyBXaenhXIC4NEbrnHwKVfxjLSCKGSVAhg72G-4HfYjLyOHgJxdPr5YXvuq_NvNvoqOP7Ql__OZE8gdFsyABykexXf7_LP-T_pUOE0

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:28 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7fdae8b5-2fa9-4751-bb89-cf128c311df3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIJtXWEP4vnEHNDEfIV90H0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B76E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MDgxMTczNjU2Mzk0NjEyMA%3D%3D

170 B
243 B

137ms
64ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MDgxMTczNjU2Mzk0NjEyMA%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:28 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c79a6509-a47f-40bb-ba53-b6015e3ff069
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MDgxMTczNjU2Mzk0NjEyMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1081067/64110966/ Frame 7D47 234 KB
70 KB 172ms
57ms Script
application/javascript 52.48.242.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1081067/64110966/skeleton.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.242.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-242-118.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c289a7ba9be1b36ee7744ca9fdb5b6fbed3187b36166262588a56ec383a7b3c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7D47 106 KB
38 KB 240ms
53ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
Origin: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 7D47 8 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Av1g2TPGrPGLcW6NUJjhpJZfygMxp8pflu1C_0_2bqq5cS1GstJQRcwwlWAZjgPVnKEqzWenFIRPfzdyrt9tfE866GUg&cry=1&dbm_d=AKAmf-CjdZYPw10TRwSiTTwHM7YkEp7yO9wqkgJZDa1bPq1R2gsVJTE6zxbFt0wkYTgcWNcjsjIWuSWa__A30WWuxKfP0aWF5_dWL-_BkD2MIx5rYTBdqpervHYSVGIFHrXq51jckPzT5oH862lnjQJ6LsQOMmQE926OFz975oyErXhWEkJqFDmo_qgDGAgDBwQAE9cvRtL5MfPuMltCfxeqbn0xwkGCTPR-A_7pccooErC_6-pczUaWcFtvMrqrF3ZQMABf_CfYAmP1FY1oOMUiZ_XpFy4F50CFEbJlOeivTGG-JwynsqXC5UxMZG6ZITu6haL8ZHa6AmFcXpiSyOAhxHxDshSt0o2KYoAxHrJhrANLCj9zQkSWiEPSUlRs9c72dSZoVxP3mXUFpXhzLEg7K3WGFwRcMNPBbqIFzQQHM-KTZdpDHl92dBQ8ou2n9OnkIQ0jZ3usZnM1i79uCaTmgjLwnlpwk9xKlBwQUNJwEyBgbXzh69VsNELaFdJt5dWzV_qx1WMfw8VpqfQbuEk0c6PqwH6-IsZU6-56H5qV8-qo3xArsQUjw34v1u1jslLPwi1kY5ODT_IKV0RGXFs_HqufQCsxKp0840FekwX3SrwAU_cG7oqoWpw5JU2EM3Qrecyj4SPwbDMl-48TLdVe0jXdBBTmYAuW47_cElDSBhWVicIX1fvTBtK40qke7Zk8w1bc5IGO466pw4tXfXCePU-xSWjXySgn9D7lSaQi9MOQI_dM9qsumjSmmgxG3AbbpsFm6z4O1bINcJdc1GkzkDWCU4w9RBPjNUTK7wy-NFD_noFdjuR27wh3LRpg2Cz5OOl_283AcOtKZr3rGGBE4byosw2EOAczgkbVge83axH9HBFCHg3TbVvymS2_7CE5bEJ-nFnmvxAP74ZKlF0QGZQ6i5LBXzxA0tve3_T9cf50PZp8ZTwqypnDysDkSUK7LjLv-cRBghdjKTZfOQEuGPKMHKMscceuVBACrG8WCXLGMiNtqrmOKo5nifx3qi7KQ9jt3H1J5NSqK80_Qydi2FpEsMC7sYlL11-R_-uXOMGqfJko5UpyWlVdRzJ-AKxZgcoWZQJZkrl85Hcazj7CLZRq1iEEcZBGbzzTYFHMqr2n1SSemO4UPdxRluQbxaykx74cP7cHmO_soxhoynZbA3CO5TZDjLUxgFH212qE5aFX-wikoBHSSq6tn87cg1iD_yiSz1opNKweWlt_CL0RFEeg0hqIgw-oCP3Dxd2wBKeMd0ImKNRLjQBoQWK5ElSLWzOENmjYn6qkpvgLTle3SO76G0x8HAvjLMr4bB_An1ujmYK2yAYzgB59s42ikdMf-cw32DTOMeEU329VNk2uuJd3JG_3ro5C3eammDY1mCEqNLX900EinziW_Svvj2SKuj-frhFv53RzB34bQaqScX6YTYzjvDnHfnCuJYZTt0SK-G0yPMatKOxKzj5DAm0GPmw68zIaK2p9nZjw9rQb_hDTM7erqi5dWC1HFYJtKOG5beYyNcHzZlYiRrFr0ouVpVjCOmfWRV15UV05FMYcfzbf5aBebreB7YMUFGrDzLWr__JAdVHy7SlaUwQfJc88cS82LkjRWdQLK7Y6ZsCwpIhFW8pFBlMj-LfPDGr9S8EnPBQzD0pP6zNiPIxV5sFt5U_evE4dtKpcOKIWKUVLVyeVEkb87yx3DRy8rBCn7GOpAvTGucureZ3SBCP0XhH89Y9PJgfNTmX6HW_EnkhICnO2DtYxUgMlA_KOi4NiqR640PkyTvZ4ixMuPkahzyqiJoWHOj56n9D3IdKg7nUszm_hKibupMvKEMsryHBs_DR9mhFTX-0MzSrf3f0E5uGvrUVC-tBRdv87SX4Dno9kBYTEV3QuifhCmsa1OuAY1EXFEcXFgFFE93RSug7cKL0EPlgxIJc3BjfKl9RCM23mhAvpcZPabNKzB7KHwtrUT3RaXOWVQXdAER7i4kzR3wnBC2I8EDMzkS-K_1ikloAtJvqz8y0cQVaaCDrBD-7pFzCF4U6o6RoNxLgamGyvQ0dXiyq_zlol3Kokcx6F-9PGaqgtEAU1mggUxU5K2yjx45cK3RjKxyr1J77PFaGzBDR6pivN1J2r3ZugINoASMDMoHh4XD967HHVKO6LG8zI9TqXdroJqvWMY6uKVar6LVeV_M8a9YgODSN6KIO2uCrJJ661PvOewRwI68CaDdeeCi_TdGBBF2_wQi4Wil3YuaFYwsAwWg83pzv9P-NSKKMKg9ud-rimuty_SKilrZeyvVbBrPS1lYnQGVKe4Btc32RbGTOm5x4b3l89pmADcBuXF0Ta0UC0kC6MYZpMuySGzSGaP4je2q5AtX2SM40dCYO01hZ6Zb0m2F256BuoS3k2PWcObTH-PrJCdpKyPRPJUOQTXOovKaCb9DSy-pql-AkDWBTyC23ekqaZtEC-sFGTOM6B9brkvMP7VP6q6N6XGcgXn9OWgFnQJHd20RtpHhmc8TBdh6VQzAGNiG9WT15sdK6sSL-U1iNHUnihX5RiP_lODz2qLT9wNNMAYEgs7p5CdroNKgO0MnKlGJIxCl8yU6SHpBMTcSuH9XfsqYWpKWCc98HQA0BVYqgjp1FmKiMk5WvdEoYfoECHWOBisUPe0waGhIJtBLe4NHrSEArFyvHMGATSeHp0Ufg6dg3B0B9I2RH_x-xEs7UJkQMFQAXtoFXao57tkT1BFlKU86D29c512Qn4RgWFzkqRW8thdtrA230W7X_miCwhqa9y8h_TpF9vey-yrzyMpdovY_4bdxaxfEEwrJGWFEbjmB_elgNLvyEDnu5eI-EEJb-UHLv8rQ_OAWsET8oWgbGbq-kn_ASbDxnucWfE5SSBrr3H9GbKpdIJo4gZMn3mdNPMZWOrMWqKGQSK3ujnGB5m2KLnNZM7aM_acc6ZYVyR_7Z8qFSWjlQynWjnbMAxttB8ssh5sheooXpAjM1L6Tsctc99id6QpVHVDiON2J9Jt3ZrvpIRmmFZgtABB-aBoLbjBUnfBsTVdLEoqEEl-HzyI_GgPNUBeJIymcTNLTj5J9cto1y6-0qIYg9Bvie9NcYuDPbHVX4m0Eb_vpHnPLu7FTnzuzDHN1r6mowSGXDB5IvTGOcCkRcbiLyo-vmEtC7NVKAfa1hVh1rYQcuFaRT-Xp_-kMY86ArxwLcVJLNkusqxXRxGJj14BG0VF7hwnzv1ZQw1N4P7C65dZA&cid=CAASKORofT4RYH2fQ-wR9PVeofU1h0yLFevJOquslspcvr8qsC22M5ViGsQ&rfl=1%2Chttps%253A%252F%252Fwww.gismeteo.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 01:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 01:54:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 7D47 30 KB
12 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 01:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 01:42:56 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D47 41 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2613 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 305593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2613 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 18:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 18:09:38 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7D47
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1081067/64110966/4.js?adContainerId=brand_safety_eMwKY42dG-eO9u8PhtergAg&cbFunctionName=goog_wrapCb_eMwKY42dG-eO9u8PhtergAg&true_pb=&adsafe_pb=https%3A%2F%2Fst...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_eMwKY42dG-eO9u8PhtergAg&cbFunctionName=goog_wrapCb_eMwKY42dG-eO9u8PhtergAg&true_pb=

1 KB
1 KB

175ms
65ms

Script
application/javascript

2600:9000:223f:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_eMwKY42dG-eO9u8PhtergAg&cbFunctionName=goog_wrapCb_eMwKY42dG-eO9u8PhtergAg&true_pb=
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 15:08:03 GMT
content-encoding: gzip
age: 125607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 26 Aug 2022 15:08:00 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: MbIR9TkejTs72xujqyO6B7CRlRDcZpEf
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: SJ5x8E8tQsG9cjX_Hh4hYir6F32lnf9P6_qnx4cNAKKhZN58Nq4MNw==

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:28 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_eMwKY42dG-eO9u8PhtergAg&cbFunctionName=goog_wrapCb_eMwKY42dG-eO9u8PhtergAg&true_pb=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 2694 80 KB
21 KB 215ms
60ms Script
application/javascript 2600:9000:223f:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 8962016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: 62SSBXHjf7Vpbh_9wEdL20AJQ-3Rg-1PS416CqpUZPINRDWbwbZmjg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
216 B 670ms
197ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYcrq,pingTime:-3,time:36,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:37,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
215 B 669ms
198ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYcrr,pingTime:-6,time:37,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:38,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:www.gismeteo.ua*&br=c
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
215 B 660ms
199ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYcrD,pingTime:-2,time:49,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:480,mdZ:760,beA:765,beZ:767,mfA:768,cmA:769,inA:769,inZ:773,prA:773,prZ:777,si:781,poA:782,poZ:798,cmZ:798,mfZ:798,loA:803,loZ:805,ltA:814,ltZ:814%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,sinceFw:32,readyFired:false%7D&br=c
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17252712401982728039/ Frame 6BFE 6 KB
2 KB 163ms
53ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17252712401982728039/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba0803adb8594801d6042987943eafc61eba0ab65ef0acd98cc9c42689128da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 474595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2292
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 14:11:34 GMT
expires: Tue, 22 Aug 2023 14:11:34 GMT
last-modified: Mon, 27 Jun 2022 16:02:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7D47 0
622 B 247ms
105ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvGHxVh8ixeV-SZD7XH5Uj_8kTWUw4LOhbQC2hcrAojrVoY_NhsvzJMWtLrLp7_7MARwtQp1YuGN8zzUYPZbiUIJQueoHKaj6TzfQsAozF3ZaGVLTcSnqaS955UM7RNxfdqvNtf7yMJ_Uqb541xU8VeSUaQqYtvjHwYcbP2YJKNw3EpEIz3azhRaV9aWKIwNsLMXZ7E_bM6TUhFMBrL6rEL-3XDRFYTesRqANkFu2-ZjB3XVnEpYZqNAgzhLFRM2iPtn1_7mBQxoA_w5sjPDx5Z2sCtXtIHeOHkKTMHnT0nqXVCUzqQHP-EQZIOyfty5PQ3qVHXCf-KkviJ4ddDVFXkjuhfKL3ir6J9F1CvAwLcMybk71Uf8M2Zbbl71ZguNCdnGyQlNut3zTLXQk29whKHs8V0HIXZ8nfhakTy8-66lPKrqrSHr757DmhFx8IOOPdGnCSunXyAb4fKGpvTjwgqrAnTpvSU96hOe6Gn0mErjgM8ORSYVvh-xj9_yChy8nw8kg3sgkbpfa_FRPs670tLZS-VQIVi4OBq7ytinBHFigGbnfpGPc0Mvs_ll4Ytptct8hLjVrHO4-yglDbKDfm1-iVOvMldKPmMh3fzcAhNqoVFDciSp9Su0dcX0oyadGsMtG3DHXgLXL2R1CK2ZJt--4LfCyy9gMihhAOBvycoZgRY0OvH0Hs2VVVVR_R0LaAfyM5cHAZMOckrZgx_Fi9IFEBvvA9OAJAyhuhpSeYWHgTSygnrwXhHJvEjaKgKWenB7XcF_rPu-q0DzU-MBpz8jdF5pmJbTfUpOYLtSTuwn9KW92kOB-vunvfr3bFArwcFY_1RMXtROEW-MkBWoyw7m-aNP1r_pGgoB5JWgEQh1K5KpTi86KRtgsaDjn2D3jhdkmPYCdYM-1LZ8la3iAHuKmcaTM4Z7ckKCNBe00Z9dzmq5E8Rrdg7s8jnYY9E5wlzxk3TK99QOAE1SX1ZAkzDmnzvwZAn61yFCnSBBiMAlNFdf71IUyaKREv8gI2SVyky9c5y21bS7eJRK45kNhxuw2Pmq3-gHkUmwemKfgi6pd7g8B_F-3hgd43TyAsrtvZ3eyHmMLt2Ui5Pl145N-8Nm5UKwUREFGslfqJIPr7FQcEifJ7qv_pAx0_H4JaJoLOrAZZ28AnNVPytdRQ-ke_DCoMZaT0Lw3mn8P7vqlE&sai=AMfl-YTBd7VHHEuJcV1NvmKh-Giq-wFX8M2Vp9n2LmzqoPapCC6ZW1lDAeziVmabGPErAtRpEbuQG0SwgR6m6_nN2PPycBtZpKN7K61Sha5F2T0nt6JU8ckkvycMXwm9edee9OaBFuGTbwcq2HbCAhSrfQpk9wMIR8c2m-nAu3s1TYKZxjLHid2ttnicrDGM9SCBRWmNwtHs6xPbFAvU0aOeiPej7MUnLGblpg&sig=Cg0ArKJSzK0DtW5nR-rUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=339&cbvp=1&cstd=337&cisv=r20220822.93187&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 28 Aug 2022 02:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2613 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHiy1eMwKY42dG-eO9u8PhtergAgAAAAAOAHgBAI&bg=!EBOlE1fNAAYUOm8VNDo7ACkAdvg8WssJ4AkcpvOUP6dUlc916HJBrUi30NXaWtXVycjVwVzwyO3DSgIAAABxUgAAAAJoAQeZAuuS22o_G5ioX8Qd8vOY_qRGnHAclMIKOcOKt1KARmJLsuN1o-4nriBJb048aHHKIqnwagBv-aWhOC4Lg5W8LRZNQEGlw2YLnE9FIqcaEFPoVEwA2GSmVmjaz6TJgHw1TFtNPqnH9gRp2ukSex40R8JdqwBuH_QhW3iECEodHf3p7D2rYclDu6lqhFjLWZgEJbtOy7B309_IJ9-HN2aX5TzxLhiPM3QmKN1x5SDOFelsAP_T6G71Ag_TW_Sqx220NdNlQLvnPZu37GytGQstbKGXscEGlJa5hTUIRT-U7v5qSw918AkdZoFrWDmGsKdOfHg9-mgUoe__M4TV7IFG1n5GlfyTmEuhKMB-Cvel75Wi3uMFyrPW4Zpa6oA7o1RZPiTVSKpBY-D7QFfKb7xhLK4DKXaFM_W1bLJaeuUSANjl4i5ZMAb-4NjHZGQew8buRShsCXBi4M4ehWtcfGLBt98EtyPaoKwMnkDBHp7T-FZf774C4ByFlPXmuyDDivZjlto3C0QsC-hm7h_lGxAegHl3dRlMC5YqOoC8pbJAhsiCL3jE8PabKy4dJc5ncMUF_USQuiPJW5_JABvC1-7APhMMF-JdGNSAngePrV-a-8kAMabXq8KWceH60FkPupWAn9-gxMDMGvlYvcsD1OiUGv6gb-nsqpAeRDZXJKszUTkoPN_nJLfZSg2K0Du2tw_hH_FcwauahZjUIYJy6O6cyEw4mVa_mEfIzYKYanxyk3ZJ2WKPZm4yToolEQArqPWPOU4Vq85-V1iDj_sBjUnlBrFF7XD3VfR0wPnJjWVHRaoNjpLtPxP48WFhwAQXgry7EHa-rie7ifduokNBskcO6mEjWaQmnN-65cPulnAmaJg5XLK6IYSYOwjeoKuUX-pgyUcTIU9T8BUddS5huuN4ClWhBTEoFqI-98zMscqBOymMSQQUCpgM_IIKmKNeiYofY_p83WsISGRvHs6DfsbpU99ZxkHAFrzLJ9RJzbA

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 6BFE 236 KB
63 KB 397ms
63ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17252712401982728039/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:29 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sun, 28 Aug 2022 02:16:29 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/17252712401982728039/ Frame 6BFE 107 KB
24 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17252712401982728039/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17252712401982728039/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83ac0e7d062ae1e3e57affb196152e44cc2b0e4cb105f507b7f4cf2330da8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17252712401982728039/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 23:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24472
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 16:02:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 23:02:43 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
215 B 423ms
198ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYcvr,time:285,type:e,im:%7Bimprf:%7Bttecl:539,ecd:235,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:285,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B280~0%5D,as:%5B280~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
215 B 357ms
356ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYczC,pingTime:-10,time:544,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1661652089408%7C%7Cf4970ff0b2eeeeb039dbd78e3d3ee9e1%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C0fc449595ee519dc8798ba46277a84b3%7C%7C134e777c8ae1ced9a9e7c454349c8e4a%7C%7Cd6d18c33d0d00552736c8a993ab6dbe7%7C%7C4dd9f75d700ddae8235a7f5c49c7cd90%7C%7Cc1cb97fca035b40b9bf99301ee99aa07%7C%7C1629390669%7D
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
DATA 200
OK truncated
/ Frame 7D47 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 121407f0c7694e5481f8352e8edfb85b6c8deb3ac9114376cf96199cd78fcb37

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/17252712401982728039/images/ Frame 6BFE 101 KB
101 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17252712401982728039/images/index_atlas_NP_1.jpg

Requested by

Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac43de91dbd9878106a509215bc21b8e90e8ec6307e66bafdee781abbbd78c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17252712401982728039/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:11:50 GMT
x-content-type-options: nosniff
age: 474579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102919
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 16:02:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 14:11:50 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7D47 0
26 B 203ms
93ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvGHxVh8ixeV-SZD7XH5Uj_8kTWUw4LOhbQC2hcrAojrVoY_NhsvzJMWtLrLp7_7MARwtQp1YuGN8zzUYPZbiUIJQueoHKaj6TzfQsAozF3ZaGVLTcSnqaS955UM7RNxfdqvNtf7yMJ_Uqb541xU8VeSUaQqYtvjHwYcbP2YJKNw3EpEIz3azhRaV9aWKIwNsLMXZ7E_bM6TUhFMBrL6rEL-3XDRFYTesRqANkFu2-ZjB3XVnEpYZqNAgzhLFRM2iPtn1_7mBQxoA_w5sjPDx5Z2sCtXtIHeOHkKTMHnT0nqXVCUzqQHP-EQZIOyfty5PQ3qVHXCf-KkviJ4ddDVFXkjuhfKL3ir6J9F1CvAwLcMybk71Uf8M2Zbbl71ZguNCdnGyQlNut3zTLXQk29whKHs8V0HIXZ8nfhakTy8-66lPKrqrSHr757DmhFx8IOOPdGnCSunXyAb4fKGpvTjwgqrAnTpvSU96hOe6Gn0mErjgM8ORSYVvh-xj9_yChy8nw8kg3sgkbpfa_FRPs670tLZS-VQIVi4OBq7ytinBHFigGbnfpGPc0Mvs_ll4Ytptct8hLjVrHO4-yglDbKDfm1-iVOvMldKPmMh3fzcAhNqoVFDciSp9Su0dcX0oyadGsMtG3DHXgLXL2R1CK2ZJt--4LfCyy9gMihhAOBvycoZgRY0OvH0Hs2VVVVR_R0LaAfyM5cHAZMOckrZgx_Fi9IFEBvvA9OAJAyhuhpSeYWHgTSygnrwXhHJvEjaKgKWenB7XcF_rPu-q0DzU-MBpz8jdF5pmJbTfUpOYLtSTuwn9KW92kOB-vunvfr3bFArwcFY_1RMXtROEW-MkBWoyw7m-aNP1r_pGgoB5JWgEQh1K5KpTi86KRtgsaDjn2D3jhdkmPYCdYM-1LZ8la3iAHuKmcaTM4Z7ckKCNBe00Z9dzmq5E8Rrdg7s8jnYY9E5wlzxk3TK99QOAE1SX1ZAkzDmnzvwZAn61yFCnSBBiMAlNFdf71IUyaKREv8gI2SVyky9c5y21bS7eJRK45kNhxuw2Pmq3-gHkUmwemKfgi6pd7g8B_F-3hgd43TyAsrtvZ3eyHmMLt2Ui5Pl145N-8Nm5UKwUREFGslfqJIPr7FQcEifJ7qv_pAx0_H4JaJoLOrAZZ28AnNVPytdRQ-ke_DCoMZaT0Lw3mn8P7vqlE&sai=AMfl-YTBd7VHHEuJcV1NvmKh-Giq-wFX8M2Vp9n2LmzqoPapCC6ZW1lDAeziVmabGPErAtRpEbuQG0SwgR6m6_nN2PPycBtZpKN7K61Sha5F2T0nt6JU8ckkvycMXwm9edee9OaBFuGTbwcq2HbCAhSrfQpk9wMIR8c2m-nAu3s1TYKZxjLHid2ttnicrDGM9SCBRWmNwtHs6xPbFAvU0aOeiPej7MUnLGblpg&sig=Cg0ArKJSzK0DtW5nR-rUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=980&vt=11&dtpt=641&dett=3&cstd=337&cisv=r20220822.93187&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Aug 2022 02:01:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
215 B 197ms
197ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYcCy,time:726,type:e,im:%7Bpci:%7Btdr:690%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:16,o:710,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B705~0%5D,as:%5B601~0.0,104~300.600%5D%7D%7D,%7Bsl:i,t:710,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B16~100%5D,as:%5B16~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:425,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: 8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
URL: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
209 B 198ms
62ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 28 Aug 2022 02:01:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 510B 38 KB
14 KB 386ms
69ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=64483
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Sun, 28 Aug 2022 02:01:30 GMT
expires: Sun, 28 Aug 2022 19:56:13 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame B083 3 KB
2 KB 311ms
80ms Document
text/html 2.18.168.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.244 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Aug 2022 02:01:30 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 431F 52 KB
17 KB 183ms
53ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 76389
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 28 Aug 2022 02:01:30 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 887834
X-Served-By: cache-lga21935-LGA, cache-hhn4041-HHN
X-Timer: S1661652090.044542,VS0,VE0

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame C452 0
91 B 79ms
65ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 28 Aug 2022 02:01:29 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 007C 611 B
790 B 65ms
63ms Document
text/html 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: a14b9afd047a1865b967f17302a26412a945601b33f356afc9954a8714dcc5c4

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 611
content-type: text/html

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2E5B 15 KB
6 KB 386ms
71ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=84890
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 28 Aug 2022 02:01:30 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 29 Aug 2022 01:36:20 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame CF67
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=31fd8227-9c33-46d0-b8f7-190646a36ab2

0
404 B

612ms
189ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=31fd8227-9c33-46d0-b8f7-190646a36ab2
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Sun, 28 Aug 2022 02:01:29 GMT
Etag: a056561cb62d558c
Server: Adtelligent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7419759aa98e741f-LHR
content-length: 0
date: Sun, 28 Aug 2022 02:01:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=31fd8227-9c33-46d0-b8f7-190646a36ab2
server: cloudflare

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CF8C 281 B
554 B 231ms
68ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Aug 2022 02:01:30 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 175ms
52ms Image
text/plain 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Aug 2022 02:01:30 GMT
access-control-allow-credentials: true
x-sovrn-pod: ad_ap5ams1
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
351 B 188ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ghc9khlcq4sv4kbh5g3erki63tdmohhk

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7750811736563946120

0
387 B

778ms
190ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7750811736563946120
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 02:01:29 GMT
Server: Adtelligent
Etag: a056561cb62d558c
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:29 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a19e5bde-b594-48c6-a5ab-8d0f705c686f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7750811736563946120
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 007C
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D8a4f31ca-503a-46b7-8dd4-dcbcd7a125c...
https://x.bidswitch.net/sync?dsp_id=80&user_id=246f630a-cc7a-4c00-a26d-646b39831cef&expires=30&ssp=between&bsw_param=8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6

68 B
607 B

64ms
63ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6
Date: Sun, 28 Aug 2022 02:01:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 007C
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LrQlbZfegoL.AikABlGC4i69Zw

68 B
607 B

66ms
65ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LrQlbZfegoL.AikABlGC4i69Zw
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LrQlbZfegoL.AikABlGC4i69Zw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 btw
sync.dmp.otm-r.com/match/ Frame 007C 0
69 B 234ms
78ms Image
text/plain 195.201.152.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Aug 2022 02:01:30 GMT
server: nginx/1.17.6

GET
H2

200

match
ads.betweendigital.com/ Frame 007C
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8
https://sync.bumlam.com/?src=bw1&s_data=CAIQARj6mKuYBmIkYTQzNWE2ZTUtN2U2MC01MmYwLWI4ZWItYTNiZWRiZTE2ZmM4ogEQVUJUXCZ1Ee2gRAAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=5542545c-2675-11ed-a044-002590c82437

68 B
607 B

65ms
65ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=5542545c-2675-11ed-a044-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Sun, 28 Aug 2022 02:01:30 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=5542545c-2675-11ed-a044-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 9AF6 4 KB
1 KB 232ms
64ms Document
text/html 151.236.118.210
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8&CACHEBUSTER=147022
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 28 Aug 2022 02:01:30 GMT
etag: W/"60bf907f-ee9"
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 311
x-cdn-request-id: 36232c1c7acb639b37b97e2f1490cdf8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 431F 0
743 B 56ms
56ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:30 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 27a96744-5c12-4cce-a659-8ccb7136f7fb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CF8C 31 KB
10 KB 69ms
69ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 02:01:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69785
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9377
Expires: Sun, 28 Aug 2022 21:24:35 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 6345 1 KB
2 KB 179ms
78ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac4133f68e0c14510615a4871583eeaa503bdbfcfa5d467deb6c64b643179153

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7419759ca8cb7725-LHR
content-encoding: br
content-type: text/html
date: Sun, 28 Aug 2022 02:01:30 GMT
dropped-udsids: 230|241|39|73|188|41|5|156
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHPeszT7GgjmTC3nGXE2ZOJVZW%2BL77YUScWHAVQrrkYz6c%2FviPpufS%2B%2FUTXzZzBEs4TjRGfPplxMFDv4Ro13kP8j2Hh%2FUtH8w5qW8PBK%2FzSUiyPVCyCDgSfAE%2BMtTWRmhqly71p1s3I6qg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 9AF6 43 B
220 B 65ms
54ms Image
image/gif 52.58.8.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=between
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8&CACHEBUSTER=147022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.8.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-8-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 02:01:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 510B 0
42 B 207ms
54ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67905049&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:30 GMT
content-length: 0

GET
H2

200

5542545c-2675-11ed-a044-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 9AF6
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5542545c-2675-11ed-a044-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5542545c-2675-11ed-a044-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=QSYZXzRNkduwYai0y%2Fv6ww&
https://an.yandex.ru/mapuid/adsniperis/5542545c-2675-11ed-a044-002590c82437
https://an.yandex.ru/mapuid/adsniperis/5542545c-2675-11ed-a044-002590c82437?redir-setuniq=1

43 B
108 B

103ms
103ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/5542545c-2675-11ed-a044-002590c82437?redir-setuniq=1

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:31 GMT
content-encoding: gzip
last-modified: Sun, 28 Aug 2022 02:01:31 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 28 Aug 2022 02:01:31 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:31 GMT
content-encoding: gzip
last-modified: Sun, 28 Aug 2022 02:01:31 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/adsniperis/5542545c-2675-11ed-a044-002590c82437?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 28 Aug 2022 02:01:31 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CF8C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENJ1vK6a4GeQcwGjNgBRCJE&google_cver=1

0
239 B

221ms
54ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENJ1vK6a4GeQcwGjNgBRCJE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENJ1vK6a4GeQcwGjNgBRCJE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF8C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdDT1FaUEEtMjYtNFI0OQ==

170 B
188 B

66ms
65ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdDT1FaUEEtMjYtNFI0OQ==

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdDT1FaUEEtMjYtNFI0OQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame CF8C
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7COQZPA-26-4R49

0
703 B

304ms
172ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7COQZPA-26-4R49
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 81F93490979A4E03A5D409347B8A8125 Ref B: FRAEDGE1112 Ref C: 2022-08-28T02:01:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXnQ4acjPsSHWw2heyekw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7COQZPA-26-4R49
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame CF8C 0
0 179ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF8C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI2YmQ3YjgzNGNhYjczNDM5NjFlYjY5ZmM4ZTljOGRlODRkZTM2NA

170 B
188 B

64ms
64ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI2YmQ3YjgzNGNhYjczNDM5NjFlYjY5ZmM4ZTljOGRlODRkZTM2NA

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI2YmQ3YjgzNGNhYjczNDM5NjFlYjY5ZmM4ZTljOGRlODRkZTM2NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CF8C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eFCwU640QdWOv-SKd9c9dg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eFCwU640QdWOv-SKd9c9dg

43 B
556 B

136ms
136ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eFCwU640QdWOv-SKd9c9dg

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S27Z7CVZHX1Q31KMP7H8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eFCwU640QdWOv-SKd9c9dg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame CF8C 70 B
265 B 174ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CF8C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ryAOoc48RXuPa4Tk3-HB2w&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ryAOoc48RXuPa4Tk3-HB2w

43 B
556 B

59ms
59ms

Image
image/gif

52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ryAOoc48RXuPa4Tk3-HB2w

Protocol

HTTP/1.1

Server

52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R0HYGKSB2754TQ4WVMNT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ryAOoc48RXuPa4Tk3-HB2w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6345 170 B
188 B 65ms
64ms Image
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6345
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB&dcc=t

43 B
645 B

135ms
134ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZK0GNWKWSCXT8T3W5HD3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 31R5TMJ9V3NZWPHBBRBN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6345 70 B
264 B 91ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6345 43 B
988 B 188ms
59ms Image
image/gif 2a05:d018:d29:3601:de76:c213:1adf:fff5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YwrMeAWR14fcP5bQa8f0-AAAEXEAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:de76:c213:1adf:fff5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 6345 0
35 B 421ms
136ms Image
text/plain 52.201.183.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.183.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-183-195.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:30 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 6345 43 B
408 B 357ms
56ms Image
image/gif 72.251.241.206
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:30 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-4
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 6345 0
0 170ms
60ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame 6345 35 B
263 B 377ms
125ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: Track004-iad
pragma: no-cache
date: Sun, 28 Aug 2022 02:01:26 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-type: image/gif
content-length: 35
expires: -1

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 6345 43 B
424 B 155ms
62ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YwrMeAWR14fcP5bQa8f0.AAA%264465
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 02:01:30 GMT
cf-cache-status: HIT
age: 113
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "761e21-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7419759dcc528879-LHR
expires: Sun, 28 Aug 2022 06:01:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D47 42 B
64 B 92ms
91ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLxg-aGlFjbQRZrrVG9vEY3Lo6sqiWtSDpj0xJSuaG2TT2VpY4r38mQ72hpjG6s4zySdywXyZ17A7iznLxiwyspsr-nST7oi-nb0amOzlQyF9zA_7k7qpnnIEp-8Wg_LIuMXy2Egc&sai=AMfl-YR4Hzjws4GHHDq7ChZYXfnsFskMGUXAVDF37NBHA-FkOb1uMHdtkxy-s0_25k8-XIv7Ue1uDWT7UcVKmggYgWBr_VEtWaaTd2H2FJvBlQ6mNcglSac2AAs0YS8H-UWS&sig=Cg0ArKJSzK_f1nJS7VXTEAE&cid=CAASKORofT4RYH2fQ-wR9PVeofU1h0yLFevJOquslspcvr8qsC22M5ViGsQ&id=lidar2&mcvt=1000&p=150,990,750,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2373899931&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661652088099&rpt=1359&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
215 B 198ms
197ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYcTZ,pingTime:1,time:1807,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D,%7Br:r,w:300,h:600,t:606%7D,%7Bpiv:100,vs:i,r:,t:710%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1097,o:710,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B705~0%5D,as:%5B601~0.0,104~300.600%5D%7D%7D,%7Bsl:i,t:710,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1097~100%5D,as:%5B1097~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:199,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7D47 43 B
215 B 199ms
198ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1081067&asId=e066ddd1-5c0e-07b6-6b15-01582fe08bb4&tv=%7Bc:mxYcTZ,pingTime:1,time:1807,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D,%7Br:r,w:300,h:600,t:606%7D,%7Bpiv:100,vs:i,r:,t:710%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1098,o:710,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B705~0%5D,as:%5B601~0.0,104~300.600%5D%7D%7D,%7Bsl:i,t:710,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1098~100%5D,as:%5B1098~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:199,fm:tfLAPcY+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a*.1081067-64110966%7C1a1%7C1a21,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 02:01:30 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 431F 0
743 B 56ms
55ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 02:01:31 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 56d5d73d-c833-4d81-b6dd-fc281520aef6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0D5D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

68ms
68ms

Document
text/html

92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8&CACHEBUSTER=147022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Aug 2022 02:01:31 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 28 Aug 2022 02:01:31 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D5D 31 KB
10 KB 75ms
75ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 02:01:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69784
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9377
Expires: Sun, 28 Aug 2022 21:24:35 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0D5D 0
239 B 252ms
55ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L7COQZPA-26-4R49
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET

147022
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 9AF6
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/147022
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/147022

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rtb.adxpremium.services
URL: https://rtb.adxpremium.services/openrtb2/auction

Domain: www.tns-counter.ru
URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/147022

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gismeteo.ua/ua	1969-12-31 23:59:59	Name: Value: store.test
.www.gismeteo.ua/	1970-01-20 06:17:24	Name: ab_audience_2 Value: 14
.www.gismeteo.ua/	1970-01-20 14:19:48	Name: cityIP Value: 744
.gismeteo.ua/	1970-01-20 15:10:12	Name: _ga Value: GA1.2.897840707.1661652086
.gismeteo.ua/	1970-01-20 05:35:38	Name: _gid Value: GA1.2.57684879.1661652086
.gismeteo.ua/	1970-01-20 05:34:12	Name: _gat Value: 1
www.gismeteo.ua/	1970-01-20 15:10:12	Name: cbtYmTName Value: Ankga2YgOCA1MDIyMTUyOjVnMzI6ZzFjIH9Q
www.gismeteo.ua/	1970-01-20 06:17:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.gismeteo.ua/	1970-01-20 14:19:48	Name: _pubcid Value: 6bcc06af-cadb-4f41-a5af-49908a9bffa5
.gismeteo.ua/	1970-01-20 15:03:00	Name: __gfp_64b Value: PAa6iGRf4EpIzxOAWLeTrokq5MihSPZTPDT4I.mNN1r.c7\|1661652085
.hit.gemius.pl/	1970-01-20 15:03:00	Name: Gdyn Value: KlxTZMaGQMGGnPx1-vVxtXMissGMZ1FcL6nxmG8Z2tGby0aiGsRPtP7iGKGGqQQ5gGlGEoG2GxGxDSy8kJBiGGMS
.admixer.net/	1970-01-20 07:43:48	Name: am-uid Value: ff591cdab67740d6bed8f7d706d73c38
.betweendigital.com/	1970-01-20 14:19:48	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:19:48	Name: tuuid Value: a435a6e5-7e60-52f0-b8eb-a3bedbe16fc8
.betweendigital.com/	1970-01-20 14:19:48	Name: ss Value: 1
.betweendigital.com/	1970-01-20 14:19:48	Name: unm Value: 1
loadercdn.net/	1970-01-20 15:10:12	Name: vui Value: 09204fd21b0f4369b4e131a32053ea82
.rubiconproject.com/	1970-01-20 14:19:48	Name: audit Value: 1\|SDziDG3X/EiXJoeTGAfXBa2qEsFCZ0ctSdOhPT1GMTm5ytjmgZCWnQwCsQLj5yeUgwdVPxbSSNiU44bWCyD7G8xuhZpbWKLtBMWf8c70DSg=
.rubiconproject.com/	1970-01-20 14:19:48	Name: khaos Value: L7COQZPA-26-4R49
.adnxs.com/	1970-01-20 07:43:48	Name: icu Value: ChgIgpE2EAoYASABKAEw9pirmAY4AUABSAEQ9pirmAYYAA..
.adnxs.com/	1970-01-20 07:43:48	Name: uuid2 Value: 7750811736563946120
www.gismeteo.ua/	1970-01-20 14:55:48	Name: cto_bidid Value: pga5k19NMHJ3VjhnWjczJTJGJTJCSlVSc2t5SjVwamdiUElIWTlSU2c0ZGtNc0s5NDUyVWtRU1o3SHJnTE41aWNuQUhDYklqRDlJMkNER09GR3A3OTRmem1lY2FMJTJGQSUzRCUzRA
www.gismeteo.ua/	1970-01-20 14:55:48	Name: cto_bundle Value: O5xk919CJTJCNlR0dE5KQmxnWlQybFRUZ2tYbFd3V20lMkZmNSUyRjIwJTJGNnZ4MENtNGtXNUJ0NjRuTnB1cVpCUnhvbmVmJTJCck5FbGphMUtjYVpNTE56U1ROeiUyQmdiNnpiTnhha1Jqb3MlMkZwZ3dzZlU0V21xWThTVEJIR2dPSG1pV01KbVJ5bmxyYnB0
.criteo.com/	1970-01-20 14:55:48	Name: uid Value: 19c7d9df-a455-4f58-a613-1f6c5e4ea709
www.gismeteo.ua/	1970-01-20 15:03:00	Name: __gfp_64b Value: C_LRkWLuQ1.tG_uSco276ZSsxQnNZ6oTG9DyYYQIxM..t7\|1661652087
.gismeteo.ua/	1970-01-20 14:55:48	Name: cto_bundle Value: gjtGAl9CJTJCNlR0dE5KQmxnWlQybFRUZ2tYbFl3ZEU1aGJrMzlLWEV5YWwlMkZaSmdKbjhqNzRZczk3ZVYwbWRuRDRDdENaSmVYcWpvYU4zWjlkMDhka2kwNHp4THV0anNmNXhkdmlIeFJYRjFsUXNPQVFaczlkeHpNMXlRZXpOUkxTM0ZKQzZLejA0VVp0MVJBT05jRHY5cGtpZGZBJTNEJTNE
.www.gismeteo.ua/	1970-01-20 14:55:48	Name: cto_bundle Value: gjtGAl9CJTJCNlR0dE5KQmxnWlQybFRUZ2tYbFl3ZEU1aGJrMzlLWEV5YWwlMkZaSmdKbjhqNzRZczk3ZVYwbWRuRDRDdENaSmVYcWpvYU4zWjlkMDhka2kwNHp4THV0anNmNXhkdmlIeFJYRjFsUXNPQVFaczlkeHpNMXlRZXpOUkxTM0ZKQzZLejA0VVp0MVJBT05jRHY5cGtpZGZBJTNEJTNE
.gismeteo.ua/	1970-01-20 14:55:48	Name: __gads Value: ID=816f350b9c250627-227ee33e0ace0079:T=1661652087:S=ALNI_MZEtunCvzPVtu8LJZkGZdvszMdzOw
.doubleclick.net/	1970-01-20 14:55:48	Name: IDE Value: AHWqTUnv313MI8Ba23Yw-P8r97m2e6ENDfRxNvmYrq4vhG3eW44hD7YSMh-l5mDGemI
.casalemedia.com/	1970-01-20 14:19:48	Name: CMID Value: YwrMeAWR14fcP5bQa8f0.AAA
.casalemedia.com/	1970-01-20 07:43:48	Name: CMPS Value: 4465
.casalemedia.com/	1970-01-20 07:43:48	Name: CMPRO Value: 4465
.adnxs.com/	1970-01-20 07:43:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il^o3bA^!]tbPl1M>e)ZlrFUfJ+tGXxp?A'TknGSjz_Wz`]AQjjgtV(/DmNa`@f]*W^13If)y3KL9D3I?+J/<OTJ
.csync.loopme.me/	1970-01-20 07:46:40	Name: viewer_token Value: 31fd8227-9c33-46d0-b8f7-190646a36ab2
.bumlam.com/	1970-01-20 15:10:12	Name: suuid3 Value: IiQ1NTQyNTQ1Yy0yNjc1LTExZWQtYTA0NC0wMDI1OTBjODI0Mzc*
.bidswitch.net/	1970-01-20 14:19:48	Name: tuuid Value: 8a4f31ca-503a-46b7-8dd4-dcbcd7a125c6
.bidswitch.net/	1970-01-20 14:19:48	Name: c Value: 1661652090
.bidswitch.net/	1970-01-20 14:19:48	Name: tuuid_lu Value: 1661652090
.adhigh.net/	1970-01-20 14:19:48	Name: gi_u Value: LrQlbZfegoL.AikABlGC4i69Zw
.ads.pubmatic.com/	1970-01-20 05:35:38	Name: KCCH Value: YES
.adhigh.net/	1970-01-20 14:19:48	Name: btw_sync Value: jh6
.casalemedia.com/	1970-01-20 07:43:48	Name: CMTS Value: 4432
.casalemedia.com/	1970-01-20 14:19:48	Name: CMRUM3 Value: 2d630acc7805a0CAESEFpCq3wuFSceutzHiaY9vNc&f1630acc7a05a0&9c630acc7a05a00&27630acc7a0b40&e6630acc7a2760&05630acc7a05a0&bc630acc7a05a00&29630acc7a05a0&49630acc7a05a0
.casalemedia.com/	1970-01-20 05:35:38	Name: CMST Value: YwrMemMKzHoA
.yahoo.com/	1970-01-20 14:20:09	Name: A3 Value: d=AQABBHrMCmMCEHpnwbQszo47M8iNThriUYwFEgEBAQEdDGMUYwAAAAAA_eMAAA&S=AQAAAnvAhIt_y3m1r8Wbke7Wze0
.aidata.io/	1970-01-20 15:10:12	Name: __upin Value: QSYZXzRNkduwYai0y/v6ww
.aidata.io/	1970-01-20 15:10:12	Name: __upints Value: 1661652090
.adtelligent.com/	1970-01-20 07:03:28	Name: vmuid Value: a056561cb62d558c
.adtelligent.com/	1970-01-20 07:03:28	Name: a319130 Value: 31fd8227-9c33-46d0-b8f7-190646a36ab2
.mathtag.com/	1970-01-20 15:00:07	Name: uuid Value: 246f630a-cc7a-4c00-a26d-646b39831cef
.adtelligent.com/	1970-01-20 07:03:28	Name: a584890 Value: 7750811736563946120
x01.aidata.io/	1970-01-20 05:34:12	Name: adsnpr Value: 1
.amazon-adsystem.com/	1970-01-20 15:10:12	Name: ad-privacy Value: 0
.betweendigital.com/	1970-01-20 14:19:48	Name: ut Value: YwrMegAMMRhClB8AMvFx1UYwUEzrx6NwQra3-A==
.amazon-adsystem.com/	1970-01-20 10:45:14	Name: ad-id Value: A9Zsq-WGsU3SpGmSN5AAuUU\|t
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:19:48	Name: bcookie Value: "v=2&a63d3d76-31c0-4bea-857a-e8d6706bcdf0"
.linkedin.com/	1970-01-20 09:53:24	Name: li_gc Value: MTswOzE2NjE2NTIwOTA7MjswMjG1GWTN6zt5cW7J3L2hcYqJ9UVbQOg8mWXg9fMEjtfliQ==
.linkedin.com/	1970-01-20 05:35:38	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2459:u=1:x=1:i=1661652090:t=1661738490:v=2:sig=AQG-4kv5yG3Hox2PvdfliTbG0coG2O35"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://galt.hit.gemius.pl/xgemius.js(Line 671) Message: Mixed Content: The page at 'https://www.gismeteo.ua/ua/' was loaded over HTTPS, but requested an insecure frame 'http://ls.hit.gemius.pl/lsget.html'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8c780ec42032b06d19ecf0d133ac0438.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
an.yandex.ru
ap.lijit.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
cache.betweendigital.com
cdn.admixer.net
cdn.indexww.com
cm.adgrx.com
cm.g.doubleclick.net
code.createjs.com
csync.loopme.me
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
galt.hit.gemius.pl
ghb.adtelligent.com
gismeteo.ua
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
node.setupad.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prg.smartadserver.com
px.adhigh.net
px.ads.linkedin.com
rss-images.gismeteo.st
rtb.adentifi.com
rtb.adxpremium.services
rtb.openx.net
s.amazon-adsystem.com
s.znctrack.net
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.gismeteo.st
stats.g.doubleclick.net
stpd.cloud
sync.adtelligent.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
www.gismeteo.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
rtb.adxpremium.services
www.tns-counter.ru
104.18.18.126
104.18.19.126
104.96.145.246
141.95.98.70
142.250.184.194
146.0.227.109
146.59.30.104
151.101.129.108
151.236.118.210
159.89.25.223
172.217.16.130
178.250.0.165
178.250.2.146
18.66.108.49
185.184.8.90
185.187.81.41
185.29.132.245
185.64.189.112
185.86.139.96
185.89.210.244
188.42.196.115
192.132.33.46
193.16.47.244
193.232.148.141
195.201.152.105
198.47.127.19
2.18.168.202
2.18.168.244
216.52.2.48
2600:1f13:800:7781:b014:6cd:344c:1dbf
2600:9000:223f:1c00:8:48e:53c0:93a1
2602:803:c003:200::21
2606:4700:20::ac43:44a2
2606:4700:20::ac43:4a81
2606:4700::6812:1f31
2606:4700::6812:d4c
2606:4700::6813:ad6c
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c02::9b
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:3500:11::215:14cb
2a02:6b8::90
2a03:90c0:e1:2801::254
2a05:d018:d29:3601:de76:c213:1adf:fff5
2a06:98c1:3120::c
2a06:98c1:3121::3
2a0c:5c81:5142::2
31.172.81.160
35.227.252.103
35.244.159.8
35.244.174.68
37.157.6.242
52.201.183.195
52.223.40.198
52.46.143.56
52.48.242.118
52.58.8.248
52.94.220.185
62.149.0.72
69.173.144.138
69.173.144.165
72.251.241.206
79.137.68.72
89.108.119.28
92.123.9.160
0187c990d35bb02b70d3260ecf0f1f9b4f522a2a201b134e8d6b9ce5e71f4a18
028ece88a0bad9dae07f7157e17893a24694368f734d2868ce54109dac4eb1f0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0fe46bc11974108272971ce38f0d466dbacf7bd9d1b8bc14064e68d325a92c15
121407f0c7694e5481f8352e8edfb85b6c8deb3ac9114376cf96199cd78fcb37
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130abfcf6a76e6eca3a26b5e28c9a3888f781b387f1c4738ab0050c62dc3f011
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24287f9d20dcf167577e48a9a65d297ee75926f2c140696b922996e27a303f9c
2469fc90b25637ad0040a74eda930bedb080c43925a53c1918199899344dd51d
257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270
26215e3689877a4ddd07c4fdf1b145aaab0b38bc296f603b14e37415e6ba9302
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28afb0bf5088962ee2ab6ccd51361d8851bbe38b82cb49acc1c5730fcc25f033
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d406d4745472525da74efe07425fa1c73865f524dccf430f6c0f0e85f6f06b6
2d48083fb1497fd8a18c60cee6cc3d02a5d35400774750a32c88e3df45aa6fb0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f993db6e30bbd94ee90badf25d83ebe65d8eaf4598d458bd42baf0fbb657d1e
343258b367bfb47c4bcdfa53bb95c5552a89701e36b55396a433505f53dc64d4
363c6fac5b3f75edd2474d6a8c8b0e0fc9631c26a1539ea7ef245bbc102ffc24
3a8fd549076facade6d9bbc7d152c457f74e8c1d33cbbea2235013e33cb8429a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
44cc200eabfd8d1f870e2c401a03bc753e471c1f5dfb518a208df9415a59e8d2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5e2dd50bba8024e8aa1a26090afd3babd3afdf91c3421295df5145687e4553
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb127faab61d35a30e2941868508a1d37b60658f3310af0c702b19e2538bed3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51f95e632f7eacb16867bfd50ae647a58f9a995faf6796e3f8ac459f9d308bef
53a174b4bf00eb83e8211d8425b45e6785b1af25b1d7df7d731cafcb37dc580e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eefb758ec0d6ed2319696a5fcab07481672b952b95a8bccef85e6ede888551
550ca3eec3594bf185dfb22fb198cf60d06c88abcf9bf7a66ff0c187a534df08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ff33ff05a65a7275c4ecf0792cfd9010a6bfc139af4ca18fddc3f4674afc90
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
579f5cc460eae1187e0176ec65c41f465ef76970f76eaa4b6573e3d321b690b2
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5b8b0567f71ee43f2417ab43d85e6aac06f26c54f659d831826bb1fabac7ced3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ef9e4a353c5adea27356c57a75527bd31dfaddb0cdaa334dd546f8bacac7fb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48
65510155fba43504911909ebd5a89b33097335878ff825b6fd565d61a4688404
6783d5fc381c850006df213be6f9a25a599360cbd81a6ad72825af8efe653b62
67b97aa87a6f7bbbc0a23fcc15946bbadd80bac4c5eda988db95fa7a25150be5
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69203082f1a1c36dc4a1668c84a1e46b9f660839dd6d4af9e96f48c6d8c0fdaa
6ac43de91dbd9878106a509215bc21b8e90e8ec6307e66bafdee781abbbd78c9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2941542d48d1d601fd4113febd03be394c3645ff435163ff5200867120943a
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e
741b390ad163d4b583a0fc40dc9fba935c4a4191ddc8fc322c59ed5dc227f4f1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a39f570427f003b3fe77c6a011ffbfcf96fa4f0ca741d2f3df2620473c140d
75d19b9bf5745d06ab4472468c07fd174802282448222f92bee9d8cc0319116b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
894aa20536ae6e99f77b8ea596211dc5a629e23fc3bd25be898f78612e245abc
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b0050009ddc2e0fe63b1894a7493a169ac85e98d1dd64571328e028b7eacc0b
8c5e9d95789ab855ee46c1cee4514ab3e9e1bc44f45168c36efe93587b81a07b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9709536c63c0fe7d46b59bcbdbd32a33e8201d32316674a742d003c767b2e2b9
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
9c08c7d75ed50f7ead3d65bf0488ba70557b8cfb584bd2b31914513d5ca5f7c9
9e37393d6f573fe5819635f2c25b4c9ef9a85e99a675229b2abbd124cdedcad5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a14b9afd047a1865b967f17302a26412a945601b33f356afc9954a8714dcc5c4
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ceef6b115a58d54ec71e535ed8005bc70638914e6210bcbd450c3a9a327cf4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56c205b17f172e198b8ecda86282e8e29a86d88d02a39ac120f527fc71bcd17
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac4133f68e0c14510615a4871583eeaa503bdbfcfa5d467deb6c64b643179153
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2638eaae9dc2402c9664742a634e8826efe152414b9e5336dc95f7a177e01fa
b527e86d1e1355426b50d8e43523d84bf699ff3434a11db4f939fbd112ec335f
ba0803adb8594801d6042987943eafc61eba0ab65ef0acd98cc9c42689128da3
c05733753a43a3444c66e94bed42acf77d626d5bd1a07a459a6dbb806bde84c3
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c210a0a3eadddeb40cd8459858c28f2b7e294a75adafef7c13c9d1cc9ab9cb2f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2325cc3abd323bc27f327fe7d70ea4b15ff04551216270abc07e94de73141cc
c289a7ba9be1b36ee7744ca9fdb5b6fbed3187b36166262588a56ec383a7b3c8
c2f70f7f2fd46bf379c73263e07a52ea27eb6157f55d7399cb0487de0684069e
c83ac0e7d062ae1e3e57affb196152e44cc2b0e4cb105f507b7f4cf2330da8e3
c8a72ec1f1a4635013511eca88ced2449ae3035762d87c48658a4329bcef9489
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df94b012428d4a6fdae47f60cf86ffc6eb3e3d115ba5a3e71a287f78b35074db
e28fa0ae8c014c194a5c63cfe418d5d21e3b8df63348d0bbb8aefab5de12eaea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7a77be3f964fb2a81b4a76f77cf9e4b913721c0befbf1847987761a5f63745b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17e298573af53fdf05d24ea1b1f73b68382bfd7196f45d70e9256110e447f8c
f37222ba1c04bcacbc5082561d22b82a9c7e947e0dfabb097a5e4f64e8cbf519
f60bc0d75fe77efbc7f4281e2020d436d61b19960a01eb9b818067896e3d38a9
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
fb185961dd211f6c6c248839d0e6bdf7a54610c889f7de21c084f81ae05cc0d3
fc706da7708489e7e72f770c368ad6b362f7b8be58eb221699df21b97eb8fb80
fe2afd17237c8eaeaa6ca240c0af8fcf7464920edcfac8816589ea92322fc31a

www.gismeteo.ua Open in urlscan Pro 193.16.47.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

87 %HTTPS

38 %IPv6

52 Domains

84 Subdomains

70 IPs

16 Countries

1493 kBTransfer

4626 kBSize

59 Cookies

11 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gismeteo.ua Open in urlscan Pro
193.16.47.244 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

87 %
HTTPS

38 %
IPv6

52
Domains

84
Subdomains

70
IPs

16
Countries

1493 kB
Transfer

4626 kB
Size

59
Cookies

181 HTTP transactions
4 data transactions