dynamo.kiev.ua Open in urlscan Pro
195.206.238.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dynamo.kiev.ua/
Submission: On October 25 via manual (October 25th 2021, 1:55:14 pm UTC) from US — Scanned from DE

Summary HTTP 624 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 69 IPs in 12 countries across 72 domains to perform 624 HTTP transactions. The main IP is 195.206.238.20, located in Ukraine and belongs to UKRTELNET, UA. The main domain is dynamo.kiev.ua.

This is the only time dynamo.kiev.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
121	195.206.238.20 195.206.238.20	6849 (UKRTELNET) (UKRTELNET)
7	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	104.16.122.175 104.16.122.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.201.8.180 195.201.8.180	24940 (HETZNER-AS) (HETZNER-AS)
7	195.206.238.120 195.206.238.120	6849 (UKRTELNET) (UKRTELNET)
1	31.28.167.67 31.28.167.67	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
9	92.223.124.254 92.223.124.254	199524 (GCORE) (GCORE)
1	5.79.64.54 5.79.64.54	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
50	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
5	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
2	213.227.149.183 213.227.149.183	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	142.251.5.155 142.251.5.155	15169 (GOOGLE) (GOOGLE)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
2 37	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
1 13	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
7	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
1	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
1 15	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
5 5	18.185.142.87 18.185.142.87	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.21.136 18.197.21.136	16509 (AMAZON-02) (AMAZON-02)
22 69	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	195.209.108.49 195.209.108.49	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	194.247.175.19 194.247.175.19	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2 2	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
12	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
72	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
10	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
23	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
8 16	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
8 12	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
30	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
16	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
3 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3	91.228.74.189 91.228.74.189	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 3	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	54.93.133.131 54.93.133.131	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1 4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
2	23.218.208.133 23.218.208.133	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	142.250.182.67 142.250.182.67	15169 (GOOGLE) (GOOGLE)
2	64.158.223.137 64.158.223.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	52.17.85.128 52.17.85.128	16509 (AMAZON-02) (AMAZON-02)
2 2	18.66.112.34 18.66.112.34	16509 (AMAZON-02) (AMAZON-02)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	172.217.130.72 172.217.130.72	15169 (GOOGLE) (GOOGLE)
8 8	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
4	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	185.172.148.132 185.172.148.132	44239 (PROINITY ...) (PROINITY PROINITY)
8	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
4 8	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	136.243.15.236 136.243.15.236	24940 (HETZNER-AS) (HETZNER-AS)
2	78.47.15.207 78.47.15.207	24940 (HETZNER-AS) (HETZNER-AS)
8	136.243.33.79 136.243.33.79	24940 (HETZNER-AS) (HETZNER-AS)
4	18.66.97.25 18.66.97.25	16509 (AMAZON-02) (AMAZON-02)
4 4	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 2	104.18.12.5 104.18.12.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	3.127.51.194 3.127.51.194	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 3	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	87.248.118.22 87.248.118.22	203220 (YAHOO-DEB) (YAHOO-DEB)
7	136.243.12.41 136.243.12.41	24940 (HETZNER-AS) (HETZNER-AS)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
8	54.77.236.168 54.77.236.168	16509 (AMAZON-02) (AMAZON-02)
624	69

121 195.206.238.20 (Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: trono.magnet.kiev.ua

dynamo.kiev.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.122.175 (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.8.180 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.180.8.201.195.clients.your-server.de

gagadget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 195.206.238.120 (Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: orto.magnet.kiev.ua

video2.magnet.kiev.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.28.167.67 (Zhytomyr, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

ua-content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 92.223.124.254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.79.64.54 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cdn.trafficdok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.149.183 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.trafficdok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 146.0.227.110 (Germany) 2 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.184.8.65 (Poland) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.185.142.87 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.21.136 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-21-136.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 142.250.185.98 (United States) 22 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.49 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.19 (Ukraine) 1 redirects

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.218.208.246 (United States) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.172.45 (Ascension Island) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.133.131 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-133-131.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Heppenheim an der Bergstrasse, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.91.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.133 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-133.deploy.static.akamaitechnologies.com

s79.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.182.67 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s20-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-usadmm.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.85.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-85-128.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.34 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.174 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.130.72 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f8.1e100.net

r3---sn-2gb7sn7r.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 145.239.193.130 (France) 8 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.172.148.132 (Germany)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.23.99.218 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.15.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h339.meetrics.de

stat.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.47.15.207 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h549.meetrics.de

s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 136.243.33.79 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h380.meetrics.de

b190.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.25 (United States)

ASN16509 (AMAZON-02, US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.150 (Southampton, United Kingdom) 4 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.51.194 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.237 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.125 (Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.118.22 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e1.ycpi.vip.deb.yahoo.com

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 136.243.12.41 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h300.meetrics.de

b192.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.77.236.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
124	googlesyndication.com pagead2.googlesyndication.com 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com tpc.googlesyndication.com	1 MB
121	dynamo.kiev.ua dynamo.kiev.ua	3 MB
108	doubleclick.net 27 redirects stats.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net 5994599.fls.doubleclick.net	396 KB
46	admixer.net 2 redirects cdn.admixer.net inv-nets.admixer.net	215 KB
32	redintelligence.net 4 redirects hal9000.redintelligence.net hal90003.redintelligence.net hal900012.redintelligence.net hal900016.redintelligence.net hal900018.redintelligence.net	233 KB
30	2mdn.net s0.2mdn.net	218 KB
23	google.com 1 redirects www.google.com adservice.google.com	5 KB
17	de.com s79.research.de.com b190.s79.research.de.com b192.s79.research.de.com	5 KB
16	casalemedia.com 8 redirects dsum-sec.casalemedia.com	15 KB
15	creativecdn.com 1 redirects prebid-eu.creativecdn.com creativecdn.com	3 KB
12	webgains.io analytics.webgains.io api.webgains.io	205 KB
12	adnxs.com 8 redirects ib.adnxs.com	10 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	179 KB
11	medialead.de 11 redirects pv.medialead.de medialead.de	8 KB
8	webgains.com track.webgains.com	11 KB
8	googletagservices.com www.googletagservices.com	293 KB
7	google.de www.google.de adservice.google.de	2 KB
7	magnet.kiev.ua video2.magnet.kiev.ua	71 KB
7	googleapis.com ajax.googleapis.com fonts.googleapis.com	96 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	5 KB
5	openx.net 4 redirects us-u.openx.net rtb.openx.net	1 KB
5	googleadservices.com partner.googleadservices.com	1 KB
5	adform.net 4 redirects adx.adform.net c1.adform.net	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	googletagmanager.com www.googletagmanager.com	173 KB
4	sitescout.com 4 redirects pixel-sync.sitescout.com	2 KB
4	awin1.com www.awin1.com	3 KB
4	ad-server.eu ad-server.eu	1 KB
4	office-partner.de adv.office-partner.de	5 KB
4	media01.eu pb.media01.eu	1 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
3	spotxchange.com 2 redirects sync.search.spotxchange.com	2 KB
3	3lift.com 3 redirects eb2.3lift.com	1 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	blismedia.com 2 redirects tr.blismedia.com	936 B
3	quantserve.com cms.quantserve.com	885 B
3	trafmag.com m.trafmag.com	1 KB
3	trafficdok.com cdn.trafficdok.com z.cdn.trafficdok.com	3 KB
3	adriver.ru 2 redirects ua-content.adriver.ru ad.adriver.ru	6 KB
2	adsrvr.org match.adsrvr.org	529 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	rfihub.com 1 redirects p.rfihub.com a.rfihub.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	878 B
2	travelaudience.com 2 redirects ads.travelaudience.com	760 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	meetrics.net stat.meetrics.net	702 B
2	gvt1.com 1 redirects redirector.gvt1.com r3---sn-2gb7sn7r.gvt1.com	950 KB
2	smaato.net 2 redirects s.ad.smaato.net	885 B
2	dotomi.com dclk-match.dotomi.com	207 B
2	mxcdn.net s79.mxcdn.net	115 KB
2	advertising.com 2 redirects pixel.advertising.com	941 B
2	teads.tv sync.teads.tv	344 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	tns-ua.com 1 redirects pa.tns-ua.com	467 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	facebook.net connect.facebook.net	79 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	googleusercontent.com themes.googleusercontent.com	474 KB
1	simpli.fi 1 redirects um.simpli.fi	711 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	584 B
1	1rx.io 1 redirects sync.1rx.io	699 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	457 B
1	mathtag.com 1 redirects sync.mathtag.com	830 B
1	facebook.com www.facebook.com
1	google-analytics.com www.google-analytics.com	308 B
1	bigmir.net c.bigmir.net	724 B
1	gagadget.com gagadget.com	2 KB
1	unpkg.com unpkg.com	2 KB
0	lijit.com Failed ap.lijit.com Failed
0	netmng.com Failed google2waycm.netmng.com Failed
624	72

	Domain	Requested by
121	dynamo.kiev.ua	dynamo.kiev.ua
72	pagead2.googlesyndication.com	cdn.admixer.net pagead2.googlesyndication.com googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com dynamo.kiev.ua securepubads.g.doubleclick.net
69	cm.g.doubleclick.net	22 redirects googleads.g.doubleclick.net dynamo.kiev.ua 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
48	tpc.googlesyndication.com	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
37	inv-nets.admixer.net	2 redirects cdn.admixer.net dynamo.kiev.ua
30	s0.2mdn.net	dynamo.kiev.ua googleads.g.doubleclick.net s0.2mdn.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com dynamo.kiev.ua
16	hal9000.redintelligence.net	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com hal900018.redintelligence.net hal90003.redintelligence.net hal900016.redintelligence.net hal900012.redintelligence.net
16	dsum-sec.casalemedia.com	8 redirects googleads.g.doubleclick.net
13	www.google.com	1 redirects googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com tpc.googlesyndication.com
12	ib.adnxs.com	8 redirects googleads.g.doubleclick.net
12	prebid-eu.creativecdn.com	cdn.admixer.net
10	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com 5994599.fls.doubleclick.net
9	cdn.admixer.net	dynamo.kiev.ua cdn.admixer.net
8	api.webgains.io	analytics.webgains.io
8	b190.s79.research.de.com	googleads.g.doubleclick.net dynamo.kiev.ua
8	5994599.fls.doubleclick.net	4 redirects dynamo.kiev.ua
8	track.webgains.com	dynamo.kiev.ua googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com track.webgains.com
8	pv.medialead.de	8 redirects
8	www.googletagservices.com	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
7	b192.s79.research.de.com	4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com dynamo.kiev.ua
7	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
7	video2.magnet.kiev.ua	dynamo.kiev.ua
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com hal900018.redintelligence.net hal90003.redintelligence.net hal900016.redintelligence.net hal900012.redintelligence.net
6	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	partner.googleadservices.com	pagead2.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	www.googletagmanager.com	dynamo.kiev.ua adv.office-partner.de
4	pixel-sync.sitescout.com	4 redirects
4	analytics.webgains.io	track.webgains.com
4	www.awin1.com	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
4	ad-server.eu	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
4	adv.office-partner.de	hal900018.redintelligence.net hal90003.redintelligence.net hal900016.redintelligence.net hal900012.redintelligence.net
4	pb.media01.eu	hal900018.redintelligence.net hal90003.redintelligence.net hal900016.redintelligence.net hal900012.redintelligence.net
4	googleads4.g.doubleclick.net	dynamo.kiev.ua
4	hal900018.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900018.redintelligence.net
4	hal900016.redintelligence.net	1 redirects 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com hal900016.redintelligence.net
4	hal900012.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900012.redintelligence.net
4	hal90003.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90003.redintelligence.net
4	sync-tm.everesttech.net	4 redirects
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
4	4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	sync.search.spotxchange.com	2 redirects googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	medialead.de	3 redirects
3	eb2.3lift.com	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	pixel.rubiconproject.com	3 redirects
3	tr.blismedia.com	2 redirects googleads.g.doubleclick.net
3	cms.quantserve.com	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
3	m.trafmag.com	dynamo.kiev.ua
3	creativecdn.com	1 redirects dynamo.kiev.ua cdn.admixer.net
2	match.adsrvr.org	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
2	ads.creative-serving.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	s79.research.de.com	s79.mxcdn.net
2	stat.meetrics.net	s79.mxcdn.net
2	s.ad.smaato.net	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
2	csi.gstatic.com	www.gstatic.com
2	s79.mxcdn.net	s0.2mdn.net
2	pixel.advertising.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	adx.adform.net	1 redirects dynamo.kiev.ua
2	ads.betweendigital.com	2 redirects
2	pa.tns-ua.com	1 redirects dynamo.kiev.ua
2	ad.adriver.ru	2 redirects
2	a.sportradarserving.com	2 redirects
2	connect.facebook.net	dynamo.kiev.ua connect.facebook.net
2	stats.g.doubleclick.net	1 redirects dynamo.kiev.ua
2	z.cdn.trafficdok.com	cdn.trafficdok.com
2	counter.yadro.ru	1 redirects dynamo.kiev.ua
2	themes.googleusercontent.com	dynamo.kiev.ua
1	um.simpli.fi	1 redirects
1	ads.yahoo.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	rtb.openx.net	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	a.rfihub.com	googleads.g.doubleclick.net
1	p.rfihub.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	r3---sn-2gb7sn7r.gvt1.com	4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	www.facebook.com	connect.facebook.net
1	www.google.de	dynamo.kiev.ua
1	www.google-analytics.com	www.googletagmanager.com
1	c.bigmir.net	dynamo.kiev.ua
1	cdn.trafficdok.com	dynamo.kiev.ua
1	ua-content.adriver.ru	dynamo.kiev.ua
1	gagadget.com	dynamo.kiev.ua
1	unpkg.com	dynamo.kiev.ua
1	ajax.googleapis.com	dynamo.kiev.ua
0	ap.lijit.com Failed	googleads.g.doubleclick.net
0	google2waycm.netmng.com Failed	googleads.g.doubleclick.net
624	104

This site contains links to these domains. Also see Links.

Domain
comin.co
goalapi.com
magnet.kiev.ua
wc2014.dynamo.kiev.ua
ringside24.com
twitter.com
www.facebook.com
vk.com
flipboard.com
telegram.me
www.bigmir.net
www.liveinternet.ru
orphus.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
gagadget.com R3	`2021-09-04` - `2021-12-03`	3 months	crt.sh
*.dynamo.kiev.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-07` - `2022-10-07`	a year	crt.sh
video2.magnet.kiev.ua R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
c.bigmir.net R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.cdn.trafficdok.com Go Daddy Secure Certificate Authority - G2	`2021-03-10` - `2022-04-11`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2021-10-16` - `2022-10-18`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-10-12` - `2021-12-21`	2 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
adv.office-partner.de R3	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
ad-server.eu R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
meetrics.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-11-17`	2 months	crt.sh

This page contains 67 frames:

Primary Page: http://dynamo.kiev.ua/
Frame ID: 90A8EBA760B15B5AB453EBEB2D002D69
Requests: 219 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: D12EA58109CAB703DE81D502C8A16B7D
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 084E8AE63E0756AB03E61BFE56BB5AD9
Requests: 8 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DC7CB81D3945A5DF3ABC50A1DE0F3AE1
Requests: 8 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F2A6A4010D0A7FDFEB353CCBFF71A3A5
Requests: 8 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 67959F775E1E2573A3469971A6AF24E8
Requests: 8 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D1043A164183B1C7543B9462C268F85B
Requests: 8 HTTP requests in this frame

Frame: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 323F721568A502DF18230CC7ED2A42BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Frame ID: 36B333C73CB1C4C9CB1A907E229B66B9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
Frame ID: 98F01AAEC3386CD58AD50F1414FCB6DD
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452
Frame ID: F5E1FCD74445F5FFE78F66135BDBDEEF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
Frame ID: F840A03261D22D4275657864BD02D185
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
Frame ID: 9D329F655566C1FC70480A621A91307F
Requests: 18 HTTP requests in this frame

Frame: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC46FEB0A4E25490D2524B354F15D82F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVAyb4r0rL9gMJHTQXwZTCT3qfVhM9ElwVI1f7wVJWWPjB5TFS3JsCncBx87LlenBRpK6Vduh3y4UcnIz8LVqADlrySiWRVa9GeNwX47SAzLK-18Ge5e2yVXhUbo54ZCRdKPgBHIPcFYrnnlTagc0f7uOT_1hZZg7UPtCvLVqJsqdFMhFY
Frame ID: 17F5612C428071DAB9F1C2BDF1B0BCD5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXewEnMtG7KX6jixnmL2cS6H9a8fC0bL0pyJPtUNfYjviQ4puPqPjPfAbryRTNLbMetbCzm4cH14Kng7cRLoKpuyaK2udiKp7kDPfAOipSQKJumAo2PMNVXY2Zg3gstJ05us4nDyZIvhD71VMB-7ycKWcYoHtiVQg9eeqC0-bDQq9RL5WI
Frame ID: 7FD682AEF237530F830527811499B51A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWhaLfbGnWitkaED2wLLOyCmXoYcKE4UH-xtpPpkYvKlC4rxdWVDjpB5VB2To92b_Ct8Sm5LGeJiisu6ntOOq8YsBm3xq7mirk3PZPbUXKrr9ji_WWX1eohF8PZpavY7y1eBTpVzj41AjgIATTJQoDDqd9uQ6glUv2eS-_ba9mDtfvw4Fc
Frame ID: D4BE0B9F06DB12C0ECAA89EBADD1BDE6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPFC0P2rfM5FBSRGoSifbmrxMeG3H11nEJr-MJBkIpvHJumz1jqP1UDhuUY2XUQg9ZG5kJb0Iqk5CI96CqvfSMZkm9VgmXSgbziOjxC0thfZJujPsZmkIhRychqZFTRA__8uTp7rm-2Rd5fbAyg5wPRVCfgE-BLT01SzfcMEiXMuDMBY0
Frame ID: 6AEFCED9222F1692A8B61082DD6EC919
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNUTvmGrW-Ki33VoaqmQw1INoUuooI3LolUjNnyIlsT50h2XhnvvHS2dChe0hudWUwscfRzc-dl7APMUKraTH3BWCkVKZrrV9Bdv5qGCTkOO-qtF_vXpkZ7qQL4b2rFEErJYxLc3W8plkhUmVgAc65uTauAAzzWGYTp8ZdyYrwNA2Oja6NQ
Frame ID: 9370D488874A82DD84997DE4904C3C34
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7FB47553FD6773957BC00CE9943B9600
Requests: 9 HTTP requests in this frame

Frame: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1E2EF5A02D3B030B56FCB5ABCDE2476B
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80146427408E92CBC1DB20FFDC4608A9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A72AD5C8822ACD90EDD98F6A231A06A3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F712D10F8C75D7ACDC2A8ADB52DBAD7D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E71E63321C231AB15C3010769180251F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 166D399C7A22DA3EB4021B54CE010DAF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3749D2CD6D830C2E35189B5B3A4EAB71
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
Frame ID: 6D04E8504635CE167A670FEAD4B9F19A
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3B36559FC9DE5ADE03D321E30850F58
Requests: 6 HTTP requests in this frame

Frame: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ADF5EA876161725070F1F8BBCC921F32
Requests: 25 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39570700125856400710612011758018&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: C87B342B1B74447DF77265C2B655FFDF
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B0E5C41F772A4F1D5EC1D53EEC08914F
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415
Frame ID: 0AA017098FDA42539F055D99FD09C45D
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8
Frame ID: 6F73B4CC0454360E3857383D5D639DF0
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8676CBAEA3AB76A4996336306E82CCBF
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25452000104720100710612011758003&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 4004C0CB889E31A787EE5DC15C980CD5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: CE91AB4163ABE7D85D7B903637E17B80
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136
Frame ID: 7CA2043936250B9648C86975EC7DF343
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd
Frame ID: F8461533AA4DF2A4EFC65DF57394163E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 487FD214317867C3CF6986EB05C09DB9
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43215700121998400710616011758016&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 3A9554CCD304A39F928FC17B065A5289
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 538816ACC1049B40134BC04D78E7C09C
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464
Frame ID: 0A4CFB549002034B47933A8B277C00C6
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392
Frame ID: 2082F709FD7FD4889FA5BB38EFBDD12B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FE249A1778CB272298789DA6F09DAA4B
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99822300098877200710612011758012&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: E9BD0DDEFF3FE0097142FAB1F08C7012
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8FEBF02BE2322867FB478821C08C4EC6
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38
Frame ID: 4A14C67BD7983093F7E9CF2361C1B6F4
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5
Frame ID: 5CE958760519BBBDA460106E1336176F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0EB525641E9D8A851A538FB17A749DC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Frame ID: A2712046024E0E8FCF1370154EF3765A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNX5spHZuar5iS27GizL578c4FXGrzmfpcE8ay5TtjWhNCjpVhUXNMHYlatJwCZF8o4FHgzp3hM66VmH9LtkofTh3Oh-zK-KJPtErGsNSlWzb4aPtq0m_j8a7c1pWlVFRjZPc9QZqrETMwkt2hZOeATTGUhwvDzy2_mcpZEAg2k4lblm3zY
Frame ID: F359D0EF609C9335E9F6A66333719F1D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FE584E56EC6D50C933CFF9A6837A0307
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AF58F18EAD13ECBE584C50A86868977
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
Frame ID: C7845447D7123C3798A4EC93A6FFE9EB
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A635A4C53A4D165364848FE0D5A607C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 160C243C9A1DC4401623CD9E4E4225E3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D7C64060FDC315803710EB97EF4C8FD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DBBD32F0E0F667199631E9A6BEEAA51A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 83753AA3A45FF2665237DCB8F7CF0963
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9BE0FBF79440B3B5C27C250D3200B971
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A9CD7DAD415BC56786D464C82D0C67C8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B09B26C130317FDF80D2AB70903EBB78
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 407AA81AA1D522DFDAE732F9A0389C7F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10EC2B8A3470C07407266521A9482AE1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1ED129227819B1CB948DF71E878B848E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3BEE87B01D08BA0211626E9DB07B9287
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Динамо Киев от Шурика - все о футболе Украины и мира

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

624
Requests

91 %
HTTPS

0 %
IPv6

72
Domains

104
Subdomains

69
IPs

12
Countries

8044 kB
Transfer

13813 kB
Size

82
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://comin.co/s/65079dd5dadce78aafc67148812622a52b754f72/0
Title: на Megogo футбол 1

Search URL Search Domain Scan URL

URL: http://goalapi.com/
Title: Результаты предоставлены GoalAPI.com

Search URL Search Domain Scan URL

URL: http://magnet.kiev.ua/advertising/dynamo/
Title: Реклама на сайте

Search URL Search Domain Scan URL

URL: http://magnet.kiev.ua/rules/
Title: Пользовательское соглашение

Search URL Search Domain Scan URL

URL: https://wc2014.dynamo.kiev.ua/
Title: ЧМ-2014

Search URL Search Domain Scan URL

URL: https://ringside24.com/ru/news/
Title: Новости бокса

Search URL Search Domain Scan URL

URL: https://ringside24.com/ru/mma/
Title: Новости ММА

Search URL Search Domain Scan URL

URL: https://twitter.com/dynamo_kiev_ua
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dynamo.kiev.ua
Title: Facebook

Search URL Search Domain Scan URL

URL: http://vk.com/fc_dynamokiev
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://flipboard.com/@dynamokievua/dynamo.kiev.ua---%D0%B2%D1%81%D1%91-%D0%BE-%D0%BA%D0%B8%D0%B5%D0%B2%D1%81%D0%BA%D0%BE%D0%BC-%C2%AB%D0%B4%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%C2%BB-%D0%B8-%D1%81%D0%B1%D0%BE%D1%80%D0%BD%D0%BE%D0%B9-%D1%83%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B-kdkdhblcy
Title: Флипборд

Search URL Search Domain Scan URL

URL: https://telegram.me/dynamo_kiev_ua
Title: Телеграмм

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/?cl=5613
Title:

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://orphus.ru/

Search URL Search Domain Scan URL

URL: http://magnet.kiev.ua/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

http://dynamo.kiev.ua/static/img/ajax-loader.gif HTTP 307
https://dynamo.kiev.ua/static/img/ajax-loader.gif

Request Chain 29

http://dynamo.kiev.ua/media/cache_new/2a/f4/2af4440a3fabdb38965ae31637861473.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/2a/f4/2af4440a3fabdb38965ae31637861473.jpg

Request Chain 30

http://dynamo.kiev.ua/media/cache_new/cb/9e/cb9e5946ea363c668fb8b97739d0b3b2.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/cb/9e/cb9e5946ea363c668fb8b97739d0b3b2.jpg

Request Chain 31

http://dynamo.kiev.ua/media/cache_new/20/6f/206fe2bac7e152cd5f69cb0e98e6d616.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/20/6f/206fe2bac7e152cd5f69cb0e98e6d616.jpg

Request Chain 32

http://dynamo.kiev.ua/media/cache_new/65/ca/65cac6a7014c1121ec8dd86fea04cd87.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/65/ca/65cac6a7014c1121ec8dd86fea04cd87.jpg

Request Chain 33

http://dynamo.kiev.ua/media/cache_new/15/0d/150d5199ed87107c522f4be320dd5304.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/15/0d/150d5199ed87107c522f4be320dd5304.jpg

Request Chain 34

http://dynamo.kiev.ua/media/cache_new/95/df/95df7299d8fa85af9d4d56389695011d.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/95/df/95df7299d8fa85af9d4d56389695011d.jpg

Request Chain 35

http://dynamo.kiev.ua/media/cache_new/5f/e1/5fe14af7fd264f4e2a7aef1a8bd04653.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/5f/e1/5fe14af7fd264f4e2a7aef1a8bd04653.jpg

Request Chain 36

http://dynamo.kiev.ua/media/cache_new/60/dd/60dd50ca3438723b62bfcda196f4b372.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/60/dd/60dd50ca3438723b62bfcda196f4b372.jpg

Request Chain 37

http://dynamo.kiev.ua/media/cache_new/34/a5/34a579343a12e8e23b85c3e39f3b39ea.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/34/a5/34a579343a12e8e23b85c3e39f3b39ea.jpg

Request Chain 38

http://dynamo.kiev.ua/media/cache_new/3a/02/3a0291bc00839f78fc9e352a7398aa2a.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/3a/02/3a0291bc00839f78fc9e352a7398aa2a.jpg

Request Chain 39

http://dynamo.kiev.ua/media/cache_new/27/9f/279f8d2848e9c954a1342c5259e66a10.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/27/9f/279f8d2848e9c954a1342c5259e66a10.jpg

Request Chain 40

http://dynamo.kiev.ua/media/cache_new/fd/c1/fdc1eb4b713fae9c27b03f1762decc33.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/fd/c1/fdc1eb4b713fae9c27b03f1762decc33.jpg

Request Chain 41

http://dynamo.kiev.ua/media/cache_new/90/cf/90cf3d481ae39d2b8ef3693af2472721.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/90/cf/90cf3d481ae39d2b8ef3693af2472721.jpg

Request Chain 42

http://dynamo.kiev.ua/media/cache_new/5b/84/5b84edc34b3479ac2070b1309861ae09.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/5b/84/5b84edc34b3479ac2070b1309861ae09.jpg

Request Chain 44

http://dynamo.kiev.ua/static/img/red-reward-small.png HTTP 307
https://dynamo.kiev.ua/static/img/red-reward-small.png

Request Chain 45

http://dynamo.kiev.ua/static/img/fan-zona-small.png HTTP 307
https://dynamo.kiev.ua/static/img/fan-zona-small.png

Request Chain 52

http://dynamo.kiev.ua/media/cache_new/b0/da/b0daa737df09a77a35a9bbd5797aee32.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/b0/da/b0daa737df09a77a35a9bbd5797aee32.jpg

Request Chain 53

http://dynamo.kiev.ua/static/img/red-reward-middle.png HTTP 307
https://dynamo.kiev.ua/static/img/red-reward-middle.png

Request Chain 54

http://dynamo.kiev.ua/media/cache_new/f1/7b/f17bab90cd1f2e1c8dac3ce17e06ce00.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/f1/7b/f17bab90cd1f2e1c8dac3ce17e06ce00.jpg

Request Chain 55

http://dynamo.kiev.ua/media/cache_new/a9/18/a91806b6356b7ebeacfb8e9c94e2d263.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/a9/18/a91806b6356b7ebeacfb8e9c94e2d263.jpg

Request Chain 56

http://dynamo.kiev.ua/media/cache_new/3d/bf/3dbf0aff403f4190e4d76bb6c909ea05.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/3d/bf/3dbf0aff403f4190e4d76bb6c909ea05.jpg

Request Chain 57

http://dynamo.kiev.ua/static/img/fan-zona.png HTTP 307
https://dynamo.kiev.ua/static/img/fan-zona.png

Request Chain 58

http://dynamo.kiev.ua/media/cache_new/40/05/4005ae6e9d092e7e498b7fd30d576497.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/40/05/4005ae6e9d092e7e498b7fd30d576497.jpg

Request Chain 59

http://dynamo.kiev.ua/media/cache_new/43/4f/434fafb7f7ee96ee6d6792fab4623ed6.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/43/4f/434fafb7f7ee96ee6d6792fab4623ed6.jpg

Request Chain 60

http://dynamo.kiev.ua/media/cache_new/38/35/3835bb1810416a99746c17609c7ca4cd.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/38/35/3835bb1810416a99746c17609c7ca4cd.jpg

Request Chain 61

http://dynamo.kiev.ua/media/cache_new/69/63/69631ad70634f2b473f23d1b7ee152a5.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/69/63/69631ad70634f2b473f23d1b7ee152a5.jpg

Request Chain 62

http://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg

Request Chain 63

http://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg

Request Chain 64

http://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg

Request Chain 65

http://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg

Request Chain 66

http://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg

Request Chain 67

http://dynamo.kiev.ua/media/cache_new/78/90/7890671a94076cb2a238c4fa1ace9c43.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/78/90/7890671a94076cb2a238c4fa1ace9c43.jpg

Request Chain 68

http://dynamo.kiev.ua/media/cache_new/e7/f1/e7f1f1c05dfe597212c9f37622490bc5.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/e7/f1/e7f1f1c05dfe597212c9f37622490bc5.jpg

Request Chain 69

http://dynamo.kiev.ua/media/cache_new/89/56/89561560e36c067ca5709abecc848c3c.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/89/56/89561560e36c067ca5709abecc848c3c.jpg

Request Chain 70

http://dynamo.kiev.ua/media/cache_new/c4/f8/c4f864a3cec518e67f7df06ca872738a.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/c4/f8/c4f864a3cec518e67f7df06ca872738a.jpg

Request Chain 71

http://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg

Request Chain 72

http://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg

Request Chain 73

http://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg

Request Chain 74

http://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg

Request Chain 75

http://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg

Request Chain 76

http://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg

Request Chain 91

http://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg

Request Chain 92

http://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg

Request Chain 93

http://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg

Request Chain 94

http://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg

Request Chain 100

http://dynamo.kiev.ua/static/img/bg-post-comments-small.png HTTP 307
https://dynamo.kiev.ua/static/img/bg-post-comments-small.png

Request Chain 102

http://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png HTTP 307
https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png

Request Chain 103

http://dynamo.kiev.ua/static/img/orphus.gif HTTP 307
https://dynamo.kiev.ua/static/img/orphus.gif

Request Chain 105

http://dynamo.kiev.ua/static/img/ok-label.jpg HTTP 307
https://dynamo.kiev.ua/static/img/ok-label.jpg

Request Chain 106

http://dynamo.kiev.ua/static/img/fail-label.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fail-label.jpg

Request Chain 107

http://dynamo.kiev.ua/static/js/all-action.js?v8 HTTP 307
https://dynamo.kiev.ua/static/js/all-action.js?v8

Request Chain 108

http://dynamo.kiev.ua/static/js/post.safe.delete.js HTTP 307
https://dynamo.kiev.ua/static/js/post.safe.delete.js

Request Chain 109

http://dynamo.kiev.ua/static/js/jquery.spandata.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery.spandata.js

Request Chain 110

http://dynamo.kiev.ua/static/js/login.js?v4 HTTP 307
https://dynamo.kiev.ua/static/js/login.js?v4

Request Chain 111

http://dynamo.kiev.ua/static/js/hover.js HTTP 307
https://dynamo.kiev.ua/static/js/hover.js

Request Chain 112

http://dynamo.kiev.ua/static/js/jquery.cookie.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery.cookie.js

Request Chain 113

http://dynamo.kiev.ua/static/js/money.js?v21 HTTP 307
https://dynamo.kiev.ua/static/js/money.js?v21

Request Chain 114

http://dynamo.kiev.ua/static/js/subscriptions.js HTTP 307
https://dynamo.kiev.ua/static/js/subscriptions.js

Request Chain 115

http://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js HTTP 307
https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js

Request Chain 116

http://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js

Request Chain 117

http://dynamo.kiev.ua/static/js/fanzone.js?v8 HTTP 307
https://dynamo.kiev.ua/static/js/fanzone.js?v8

Request Chain 118

http://dynamo.kiev.ua/static/js/prebid2.41.0.js HTTP 307
https://dynamo.kiev.ua/static/js/prebid2.41.0.js

Request Chain 119

http://dynamo.kiev.ua/static/js/prebid-units.js HTTP 307
https://dynamo.kiev.ua/static/js/prebid-units.js

Request Chain 120

http://dynamo.kiev.ua/static/js/blog-list.js HTTP 307
https://dynamo.kiev.ua/static/js/blog-list.js

Request Chain 121

http://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7 HTTP 307
https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7

Request Chain 122

http://dynamo.kiev.ua/static/js/tv-index.js?v5 HTTP 307
https://dynamo.kiev.ua/static/js/tv-index.js?v5

Request Chain 123

http://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5 HTTP 307
https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5

Request Chain 124

http://dynamo.kiev.ua/static/js/social_lightbox.js?v2 HTTP 307
https://dynamo.kiev.ua/static/js/social_lightbox.js?v2

Request Chain 125

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js

Request Chain 126

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js

Request Chain 127

http://dynamo.kiev.ua/static/img/fan-banner_1.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_1.jpg

Request Chain 128

http://dynamo.kiev.ua/static/img/fan-banner_2.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_2.jpg

Request Chain 129

http://dynamo.kiev.ua/static/img/fan-banner_3.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_3.jpg

Request Chain 130

http://dynamo.kiev.ua/static/img/fan-banner_4.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_4.jpg

Request Chain 131

http://dynamo.kiev.ua/static/img/fan-banner_5.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_5.jpg

Request Chain 132

http://dynamo.kiev.ua/static/img/fan-banner_6.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_6.jpg

Request Chain 133

http://dynamo.kiev.ua/static/img/purse.png HTTP 307
https://dynamo.kiev.ua/static/img/purse.png

Request Chain 135

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.364345464663663 HTTP 302
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.364345464663663

Request Chain 140

http://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg HTTP 307
https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg

Request Chain 141

http://dynamo.kiev.ua/static/holding/footer2/img/logo.png HTTP 307
https://dynamo.kiev.ua/static/holding/footer2/img/logo.png

Request Chain 142

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 143

http://connect.facebook.net/ru_RU/all.js HTTP 307
https://connect.facebook.net/ru_RU/all.js

Request Chain 149

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1762581420&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&utmhid=2087562454&utmr=-&utmp=%2F&utmht=1635170102962&utmac=UA-2421725-22&utmcc=__utma%3D28515881.697022990.1635170103.1635170103.1635170103.1%3B%2B__utmz%3D28515881.1635170103.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1302296740&utmredir=3&utmu=qRAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1762581420&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&utmhid=2087562454&utmr=-&utmp=%2F&utmht=1635170102962&utmac=UA-2421725-22&utmcc=__utma%3D28515881.697022990.1635170103.1635170103.1635170103.1%3B%2B__utmz%3D28515881.1635170103.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1302296740&utmredir=3&utmu=qRAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=697022990.1635170103&jid=1302296740&_v=5.7.2dc&z=1762581420 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=697022990.1635170103&jid=1302296740&_v=5.7.2dc&z=1762581420&slf_rd=1&random=3859678236

Request Chain 157

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 159

https://x.bidswitch.net/sync?ssp=admixer&user_id=897932f046674eef8555562ad3eaa2e1&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=897932f046674eef8555562ad3eaa2e1&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f0e080ee-e29e-4237-a93e-dbcc0f2bb556&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=e19b13ac-75f9-465a-bf4b-93527a1f5e63&gdpr=&consent=&gdpr_pd=

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEO5GN5NBIGaiH2IO1vxY-sM&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1

Request Chain 161

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4586997668 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AH5b-C4Rezhs-lORtDgciCw

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ODk3OTMyZjA0NjY3NGVlZjg1NTU1NjJhZDNlYWEyZTE=&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ODk3OTMyZjA0NjY3NGVlZjg1NTU1NjJhZDNlYWEyZTE=&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEBSKi9dYosxXWW8xhM7jjZ4&google_cver=1

Request Chain 163

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=897932f046674eef8555562ad3eaa2e1 HTTP 302
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z63EFA3DB4C344E2938A4D142879ECC2&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=897932f046674eef8555562ad3eaa2e1

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ODk3OTMyZjA0NjY3NGVlZjg1NTU1NjJhZDNlYWEyZTE=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEPWukkOH45SyNf4IK6RH650&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1

Request Chain 165

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=f2b052b9-b31b-512a-883b-5d47e94dea7f

Request Chain 174

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_766786&url=http%3A%2F%2Fdynamo.kiev.ua%2F HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_766786&url=http%3A%2F%2Fdynamo.kiev.ua%2F

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 302

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Request Chain 304

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 306

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Request Chain 308

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4NTgxMjk1MDcyODEzNTQ2OQ%3D%3D

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 313

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Request Chain 315

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 317

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Request Chain 319

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

Request Chain 335

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDb_zLzFisGSPEtgjR8nN5U&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDb_zLzFisGSPEtgjR8nN5U&google_cver=1

Request Chain 336

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0MDMwYjAtNjU2OC0yNzU5LWZhZjQtYWNkNTVmYjcwNzU0

Request Chain 337

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKZnzB_A_aaAYhWKmdQ1nvM&google_cver=1

Request Chain 344

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECRIh5GEfPcRaNWywA6Fgno&google_cver=1&google_push=AYg5qPK5fqvBtZbxsKq0eaPMqiusscMni3JIeor05IuYZZEvlqTOQX5hj7ArqHajbSMFEdwtIz9Lu6PfDzr7SWpfgRz21Zgb7ry4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK5fqvBtZbxsKq0eaPMqiusscMni3JIeor05IuYZZEvlqTOQX5hj7ArqHajbSMFEdwtIz9Lu6PfDzr7SWpfgRz21Zgb7ry4

Request Chain 345

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPKmHQvlXIFnT6xYiAdk86JaAsCuNkKhR74tjWhbSufrNQmrboI1oTHbU3Ap4PvUk73oCKak9Wk4I8hBS-F-NRdZI9Kw9Mh- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_push=AYg5qPKmHQvlXIFnT6xYiAdk86JaAsCuNkKhR74tjWhbSufrNQmrboI1oTHbU3Ap4PvUk73oCKak9Wk4I8hBS-F-NRdZI9Kw9Mh-

Request Chain 348

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMscPp4IJpey82yFNfSO--g&google_cver=1&google_push=AYg5qPJ_VRMcTibTBns8a_jZR7m0XcGuz9hnBizd5CiPD_1x26jJoDSWueyjxeUM4OljtxRh6zPUoPe8VfYCRyYxW0oUiNC__S10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4RDgtMTgtSFQ4Nw==&google_push=AYg5qPJ_VRMcTibTBns8a_jZR7m0XcGuz9hnBizd5CiPD_1x26jJoDSWueyjxeUM4OljtxRh6zPUoPe8VfYCRyYxW0oUiNC__S10

Request Chain 349

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkXz8nemngvbx93OO6QH8E7LniFIMI3qfjAkb1g HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkXz8nemngvbx93OO6QH8E7LniFIMI3qfjAkb1g&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkXz8nemngvbx93OO6QH8E7LniFIMI3qfjAkb1g&apid=UP2866043a-359b-11ec-b42d-02de89ae953c HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkXz8nemngvbx93OO6QH8E7LniFIMI3qfjAkb1g&apid=UP2866043a-359b-11ec-b42d-02de89ae953c&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODY2MDQzYS0zNTliLTExZWMtYjQyZC0wMmRlODlhZTk1M2M%3D&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkXz8nemngvbx93OO6QH8E7LniFIMI3qfjAkb1g

Request Chain 352

https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2576417505574&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2576417505574&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 353

https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4881943296791&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4881943296791&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 354

https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=9521141115190&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=9521141115190&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 355

https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2684459822006&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2684459822006&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 375

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENKKG-gTxKwM3gj_EXvIJKM&google_cver=1&google_push=AYg5qPJUo0Ji9TbyFb4PWdd67J35vgz6NmIuq4qdS6PwPlbueHfR0ZUWVPpe7SNJ9Dnuoy_ZwHLMUUvZYSF8SlAX2u5Vjdh1hJDR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJUo0Ji9TbyFb4PWdd67J35vgz6NmIuq4qdS6PwPlbueHfR0ZUWVPpe7SNJ9Dnuoy_ZwHLMUUvZYSF8SlAX2u5Vjdh1hJDR&google_hm=MjMxNTEyNjc2ODE0NjM2NDEzNQ%3D%3D

Request Chain 376

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMscPp4IJpey82yFNfSO--g&google_cver=1&google_push=AYg5qPI5dy561iv01hgmDmjpmaJBr2ThI_O9abrOMaGSvWeaepOw6BxVO3998ZddU3LQMq29Qx42JgZLweATF7OZqEifeNb9oPs7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4TVAtMjUtNTFMTQ==&google_push=AYg5qPI5dy561iv01hgmDmjpmaJBr2ThI_O9abrOMaGSvWeaepOw6BxVO3998ZddU3LQMq29Qx42JgZLweATF7OZqEifeNb9oPs7

Request Chain 378

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIgQYPqhtJ2XzyHceb9gZlM&google_cver=1&google_push=AYg5qPKsHWHG7uAHpyX7kCnPLUdTVte5-NZ7UtfE8MlJog-9xABCWg9HDJ2x2vlPYTMIOCaNeNljYMazJAQYcmYOT1L4U9T5RSLi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKsHWHG7uAHpyX7kCnPLUdTVte5-NZ7UtfE8MlJog-9xABCWg9HDJ2x2vlPYTMIOCaNeNljYMazJAQYcmYOT1L4U9T5RSLi

Request Chain 379

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMwg6nGfvx9gIe6y60IRd0I&google_cver=1&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVKJN6DmSaebsoVWK3nK-tLveqtOlVBAFTAQ24KfApJ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVKJN6DmSaebsoVWK3nK-tLveqtOlVBAFTAQ24KfApJ&google_gid=CAESEMwg6nGfvx9gIe6y60IRd0I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVKJN6DmSaebsoVWK3nK-tLveqtOlVBAFTAQ24KfApJ

Request Chain 381

https://redirector.gvt1.com/videoplayback?id=3a4611cfedc90288&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1635177305&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=0B5E20468903794ED734555D5E7DB5C05EE8012E.298F525E4E684C7D304906F7953C66095CD4A647&key=ck2 HTTP 302
https://r3---sn-2gb7sn7r.gvt1.com/videoplayback?id=3a4611cfedc90288&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1635177305&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4D2E11CB22072C8AED02A4E546868049C9074E72.569B18F3D518E7E4C8D931F103F0D50A503949D8&key=cms1&cms_redirect=yes&mh=_F&mip=216.131.111.46&mm=28&mn=sn-2gb7sn7r&ms=nvh&mt=1635169695&mv=m&mvi=3&pl=24

Request Chain 383

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=39570700125856400710612011758018&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39570700125856400710612011758018&actionid=731824&produktid=businessgiro&dt_url=

Request Chain 386

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415

Request Chain 388

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=39570700125856400710612011758018 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 392

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25452000104720100710612011758003&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25452000104720100710612011758003&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 395

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136

Request Chain 397

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25452000104720100710612011758003 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25452000104720100710612011758003 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 401

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=43215700121998400710616011758016&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43215700121998400710616011758016&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 404

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464

Request Chain 406

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43215700121998400710616011758016 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43215700121998400710616011758016 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 410

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=99822300098877200710612011758012&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99822300098877200710612011758012&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 413

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38

Request Chain 415

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99822300098877200710612011758012 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99822300098877200710612011758012 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 474

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPJtjnsTR44qzWdv1HVA6MZM_VNSbseO6rasaxGEsGdU06IaWBFL022fzkLrgkaK3pRvD5D-bK1S63vKWLa_TJhOFaY7f8TS HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPJtjnsTR44qzWdv1HVA6MZM_VNSbseO6rasaxGEsGdU06IaWBFL022fzkLrgkaK3pRvD5D-bK1S63vKWLa_TJhOFaY7f8TS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

Request Chain 475

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGgV6HMvZdINwn0ufaWXHvg&google_cver=1&google_push=AYg5qPIZCUALz8bTyaX57PR4iSZcsVRAB3XdtJo-u6LPm8cR7lH_5lwwFEgcy-ne7DoJXh3wnQqekznIOgX4CcqD_9V57VKDdJGmng HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIZCUALz8bTyaX57PR4iSZcsVRAB3XdtJo-u6LPm8cR7lH_5lwwFEgcy-ne7DoJXh3wnQqekznIOgX4CcqD_9V57VKDdJGmng&google_hm=hmF2tznqSPXeMAXDhQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6176B739EA48F5DE3005C385BLIS

Request Chain 476

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBTgPXc5iZBMZWgAmyXYRUI&google_cver=1&google_push=AYg5qPIZtEh4MhNiotEynulkSHTtigxoiJzO1yIgwFXhS56nE97f_pKAXe3MyQU35LnP4Rvw9zw3A3d9aAmVSCDkOYDeqF8oJ6UzKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPIZtEh4MhNiotEynulkSHTtigxoiJzO1yIgwFXhS56nE97f_pKAXe3MyQU35LnP4Rvw9zw3A3d9aAmVSCDkOYDeqF8oJ6UzKQ

Request Chain 477

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI0Z3tk0fGPEaD4FeXi8nfE&google_cver=1&google_push=AYg5qPLF-Q0IpGInjRq_3Na5TCRwm8rupT5X3jA5p8-7u0hc3Lb6f3WoWXHyCqekpzpg6rSUgM2luGoXTMSVrYmG0T-FQiqP5wrvcA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPLF-Q0IpGInjRq_3Na5TCRwm8rupT5X3jA5p8-7u0hc3Lb6f3WoWXHyCqekpzpg6rSUgM2luGoXTMSVrYmG0T-FQiqP5wrvcA

Request Chain 483

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL7XrpCLZX7Y0tH2QytQYFc&google_cver=1&google_push=AYg5qPJtrXBKba1x4TgHhOAHAyqT3R1zLXH8i01YiQ009SjYue-GehAwmoWcwM_2i8xrVxjqigSMqk3T3lI6JJ3hOV8VmFGXLZEJsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg3OTQ3MTI5ODUwOTc5OTgyNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL7XrpCLZX7Y0tH2QytQYFc&google_cver=1

Request Chain 484

https://a.tribalfusion.com/i.match?p=b6&u=CAESENBmm2_22fAOP8G3GG90ih0&google_cver=1&google_push=AYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBmm2_22fAOP8G3GG90ih0&google_cver=1&google_push=AYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 485

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPL9z8zjapt-oNVi2q8VDGxgnrQ1IuKYBGE3Cpop77cjzqMmVc5rg06T13oe3C9oSbK6hXJQ885ERfHTRMDCufPgXBdsPt7LhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPL9z8zjapt-oNVi2q8VDGxgnrQ1IuKYBGE3Cpop77cjzqMmVc5rg06T13oe3C9oSbK6hXJQ885ERfHTRMDCufPgXBdsPt7LhA

Request Chain 487

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHMaPjiuVmIzqOdGq813eQM&google_cver=1&google_push=AYg5qPKZJtQN484phXMPONIR4hv_dS5WoZW-gdE3O-vUP6a4MG4JEXo2WiFnRpFqbcjd-MNTkTe4dnnqrOheoviGWKM-B9IZHga1AA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHMaPjiuVmIzqOdGq813eQM&google_cver=1&google_push=AYg5qPKZJtQN484phXMPONIR4hv_dS5WoZW-gdE3O-vUP6a4MG4JEXo2WiFnRpFqbcjd-MNTkTe4dnnqrOheoviGWKM-B9IZHga1AA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CWvwwinhStqtQvuV9ile4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKZJtQN484phXMPONIR4hv_dS5WoZW-gdE3O-vUP6a4MG4JEXo2WiFnRpFqbcjd-MNTkTe4dnnqrOheoviGWKM-B9IZHga1AA

Request Chain 488

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIgQYPqhtJ2XzyHceb9gZlM&google_cver=1&google_push=AYg5qPJoVuM0Q7hWdPm9F5orWFGJJrAbPBLYMi4gPlXcBkG3Tt7nE517EUEpfpH3pY-N4jUiqViAjPEycGRiU8OYFRWpYE7FbIf3ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoVuM0Q7hWdPm9F5orWFGJJrAbPBLYMi4gPlXcBkG3Tt7nE517EUEpfpH3pY-N4jUiqViAjPEycGRiU8OYFRWpYE7FbIf3ww

Request Chain 496

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEE9B3m8gD6LgMc7cHRr9_hk&google_cver=1&google_push=AYg5qPLfgBMpEbNyoctDIOh1rfLX8RbjMjA-GGpHG4BxEw529gd98MEclGJpM4r8VNV4V1W9qEvHyLaiB3kmqwLgVBGzGjsb2AMN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLfgBMpEbNyoctDIOh1rfLX8RbjMjA-GGpHG4BxEw529gd98MEclGJpM4r8VNV4V1W9qEvHyLaiB3kmqwLgVBGzGjsb2AMN&google_hm=NjYxMzIxMTk2MDg2MDE5OTIzNg== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 497

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENoU262XZZpUa05kFlDx77s&google_cver=1&google_push=AYg5qPIPvngGGEm3kI6V55PhuB-gi-gbcU9ZqEXwKSLwdqvEGrD9sKR0UZy4AURM2vXYOzRGPfbDdQKR0ETzFOauBQb8pAlx2R4 HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=e19b13ac-75f9-465a-bf4b-93527a1f5e63 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=e19b13ac-75f9-465a-bf4b-93527a1f5e63 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=227bff59-abf2-4a5f-ad9f-386bb4b60d5a&ssp=google&expires=30&user_group=5&bsw_param=e19b13ac-75f9-465a-bf4b-93527a1f5e63 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPvngGGEm3kI6V55PhuB-gi-gbcU9ZqEXwKSLwdqvEGrD9sKR0UZy4AURM2vXYOzRGPfbDdQKR0ETzFOauBQb8pAlx2R4&google_hm=4ZsTrHX5Rlq_S5NSeh9eYw==

Request Chain 498

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_cver=1&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9

Request Chain 499

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFPWhbDyqyYlwxvmUELZm08&google_cver=1&google_push=AYg5qPIkXZaMRnNe0xnpejbEq6-a5B0ZpEQYi78GQnHJ65-FoS4fv5mfqHolklbP3Q2lulVvWA_BmveRglZMaZFBeROpcXh49w_X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIkXZaMRnNe0xnpejbEq6-a5B0ZpEQYi78GQnHJ65-FoS4fv5mfqHolklbP3Q2lulVvWA_BmveRglZMaZFBeROpcXh49w_X&google_hm=MjE0NjM2NjMxMjUwMjU2NzY4Nw%3D%3D

Request Chain 500

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFGuRKbCvQP6kHEXpwxcDXs&google_cver=1&google_push=AYg5qPK3j52tLbd3GcfNqyCutL4-5lgX19vUAy1cLfmmQiwuOkDg0l8mYwEfG9BiBveJzx-_U70l0p3WvAlh6A118DgDFnoW9C8Z0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jd0hYcXhkRTJ1R3dNR2tKMW91S3ZVUExsT0dMLjZWUX5B&google_push=AYg5qPK3j52tLbd3GcfNqyCutL4-5lgX19vUAy1cLfmmQiwuOkDg0l8mYwEfG9BiBveJzx-_U70l0p3WvAlh6A118DgDFnoW9C8Z0A

Request Chain 505

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPK_7GvbWxIYDEMSIHYdCi4qFFCmnu1qZDV3VmUyiF1JENxUbC9y21s36Wz1P_M_XN6hWdv6uzkqvjSci2hqQ2tkZWtjTpYL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPK_7GvbWxIYDEMSIHYdCi4qFFCmnu1qZDV3VmUyiF1JENxUbC9y21s36Wz1P_M_XN6hWdv6uzkqvjSci2hqQ2tkZWtjTpYL

Request Chain 506

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPIWpYPX7SB0pA8jA5QLilESAJtkHO0tDMsitGW74K28R45Cb9wu5lkkz17lHM4F-s52DJkmaxndVpmv0xAsyOICQROCx4mc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

Request Chain 507

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOny4d8ujBQ7I69pgyh_aMU&google_cver=1&google_push=AYg5qPKK7tsHJq_T9qOAQRslR7bkYX_pfyxcn6Q8CD8iYABSD6vA2ii9UpAPx63t87OuFibeEQZhPuR0dUFhLEfqLVZPjNzKdmk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPKK7tsHJq_T9qOAQRslR7bkYX_pfyxcn6Q8CD8iYABSD6vA2ii9UpAPx63t87OuFibeEQZhPuR0dUFhLEfqLVZPjNzKdmk

Request Chain 508

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOny4d8ujBQ7I69pgyh_aMU&google_cver=1&google_push=AYg5qPIK6yjCZuqDyWq72c1rsB00wTmk9TDbaea3ZLekdCUnFRyYWgxW-4RAjyp4fr7mHFz_3RZ-Uxtzmw70LlYQoha_sgHu_ih2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPIK6yjCZuqDyWq72c1rsB00wTmk9TDbaea3ZLekdCUnFRyYWgxW-4RAjyp4fr7mHFz_3RZ-Uxtzmw70LlYQoha_sgHu_ih2

Request Chain 509

https://rtb.openx.net/sync/dds?google_gid=CAESEITSH1ylGvgZJCkO29t_y80&google_cver=1&google_push=AYg5qPIqZu4cq68vjS89adJuJdSfwkhgdTQzYQIoFZTrrciFfmoE-8gZuztFm4PdRVmIyQzCuL3laNGeh5r9CldxN_44p7JgS7s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIqZu4cq68vjS89adJuJdSfwkhgdTQzYQIoFZTrrciFfmoE-8gZuztFm4PdRVmIyQzCuL3laNGeh5r9CldxN_44p7JgS7s&google_hm=IXlpRgWZwNMJYLrbRkzzjg==

Request Chain 511

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPKO85Z_HwOZIu2PAKT1o1jrC4_1Z2q6p7BgqEU0DBNr69wkfue4eiJRPw7kys3AI2KqEbP4LO_G2k52ntZC-hQie7OmHqfqpg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPKO85Z_HwOZIu2PAKT1o1jrC4_1Z2q6p7BgqEU0DBNr69wkfue4eiJRPw7kys3AI2KqEbP4LO_G2k52ntZC-hQie7OmHqfqpg

Request Chain 513

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOny4d8ujBQ7I69pgyh_aMU&google_cver=1&google_push=AYg5qPJz5ZwnE7YiZsJlAJcpC-dyTMkbeNuy3rYAIDBbReO_EmdW-fJn9becfSjxBgq_cmn87876WuHNY1C-t10WzXXM16i6iuHgWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPJz5ZwnE7YiZsJlAJcpC-dyTMkbeNuy3rYAIDBbReO_EmdW-fJn9becfSjxBgq_cmn87876WuHNY1C-t10WzXXM16i6iuHgWg

Request Chain 514

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMscPp4IJpey82yFNfSO--g&google_cver=1&google_push=AYg5qPLY_xvjMb3pn7ydqQKp_-G6mATntQCWCzHLIEkTaKbmM_uU-4l9AGkMMepx4_ThGEvkr4O5WMPwp5oVX3A3Hm_YRPwIJJDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI5NlQtMTUtSjVZRA==&google_push=AYg5qPLY_xvjMb3pn7ydqQKp_-G6mATntQCWCzHLIEkTaKbmM_uU-4l9AGkMMepx4_ThGEvkr4O5WMPwp5oVX3A3Hm_YRPwIJJDQ

Request Chain 515

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_cver=1&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo

Request Chain 516

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELOtkIcqh6wgCIDuUMTcMFE&google_cver=1&google_push=AYg5qPK6QiMclVuVDS6qjlB0X5CuUOfc2pRQHdqxPE43-eng45vqLgOTA2x48AHBeG7MdwqH4dq7KxRS_iAbsYkft_zEN-Gtk_XX-w HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-bfca86da-0e65-4f6d-ae97-c0b6c74a8afa-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK6QiMclVuVDS6qjlB0X5CuUOfc2pRQHdqxPE43-eng45vqLgOTA2x48AHBeG7MdwqH4dq7KxRS_iAbsYkft_zEN-Gtk_XX-w%26google_hm%3DA7_KhtoOZU9trpfAtsdKivo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6QiMclVuVDS6qjlB0X5CuUOfc2pRQHdqxPE43-eng45vqLgOTA2x48AHBeG7MdwqH4dq7KxRS_iAbsYkft_zEN-Gtk_XX-w&google_hm=A7_KhtoOZU9trpfAtsdKivo

Request Chain 517

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMwg6nGfvx9gIe6y60IRd0I&google_cver=1&google_push=AYg5qPIGQRlA1LxVwORnmTrkuMzgTViyhYUohVgMXE6SCineHQjRnejLL0BB7PwYhsiczpSkl6jDq-PuYWpv1vJniauEk_iJ1Jiw9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPIGQRlA1LxVwORnmTrkuMzgTViyhYUohVgMXE6SCineHQjRnejLL0BB7PwYhsiczpSkl6jDq-PuYWpv1vJniauEk_iJ1Jiw9g

Request Chain 527

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC-ivhwEoaaObLglehxm5as&google_cver=1

Request Chain 528

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=2920dc25-359b-11ec-93bb-160292010206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjkyMGRiZTYtMzU5Yi0xMWVjLTkzYmItMTYwMjkyMDEwMjA2

Request Chain 559

https://um.simpli.fi/gp_match?google_gid=CAESEGthPXvJV7KVnxUlP_0TwJw&google_cver=1&google_push=AYg5qPIvrWVQA_nZ1Abd5TNljmj6RSLLitTcmizn8iwuutcWVFvsu7OZVuk1gkM8-Hc-uv0zvIPANBB7V_buSQe1Czm7wVf5-s7t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=238AEEECD1124EC9985445F5A130C073&google_push=AYg5qPIvrWVQA_nZ1Abd5TNljmj6RSLLitTcmizn8iwuutcWVFvsu7OZVuk1gkM8-Hc-uv0zvIPANBB7V_buSQe1Czm7wVf5-s7t

Request Chain 561

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPLsPbG_-OVqjkqPSli8FiksCWA1JuFcT0Oy_2OYwC3iRdMhSQAhKvYFGo8H_h66sphJFYM-yls4AEJUNanP7bG1xKlFJGmv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

Request Chain 562

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGgV6HMvZdINwn0ufaWXHvg&google_cver=1&google_push=AYg5qPJrDCq5eh0L_Q0vz7hX-VUk7KzrsWPBNojSKlDc-qQkS3vBon-gAkoT9LqhFtE7vtoMqrTyC5Q3ffQ2yD7x1wshDLvSUVxO HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJrDCq5eh0L_Q0vz7hX-VUk7KzrsWPBNojSKlDc-qQkS3vBon-gAkoT9LqhFtE7vtoMqrTyC5Q3ffQ2yD7x1wshDLvSUVxO&google_hm=hmF2tznqSPXeMAXDhQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6176B739EA48F5DE3005C385BLIS

Request Chain 563

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBTgPXc5iZBMZWgAmyXYRUI&google_cver=1&google_push=AYg5qPK65w3STTMy45Zj7GbGqE3TZiCWBUbFRvp48SCVddylTgGcpIZOd3yNPJrZulIbJxcZfzH7eBNkgXtexROFcMMZJej6WnYW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPK65w3STTMy45Zj7GbGqE3TZiCWBUbFRvp48SCVddylTgGcpIZOd3yNPJrZulIbJxcZfzH7eBNkgXtexROFcMMZJej6WnYW

Request Chain 564

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI0Z3tk0fGPEaD4FeXi8nfE&google_cver=1&google_push=AYg5qPI2QEc9hVnTiUNqxfZXDIgo4ChYfdf2i0yxtkGM2gorMYyhUL7728TByP_X-S-MyRQ9MOzw_30u0PtzVB44bYJqhU16vNib HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPI2QEc9hVnTiUNqxfZXDIgo4ChYfdf2i0yxtkGM2gorMYyhUL7728TByP_X-S-MyRQ9MOzw_30u0PtzVB44bYJqhU16vNib

624 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dynamo.kiev.ua/ 254 KB
254 KB 156ms
100ms Document
text/html 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 73e0878b5703780896940ef4f9133989c9c3fc218112aae80f643ec327ea3fff

Request headers

Host: dynamo.kiev.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 259653
Connection: keep-alive
NGKey: :1:dynamo.kiev.ua:NG:/
Accept-Ranges: bytes

GET
H/1.1 200
OK base.css
dynamo.kiev.ua/static/css/ 260 KB
48 KB 164ms
111ms Stylesheet
text/css 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/css/base.css?v=202109281
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: ac1a913dcc95f175e5e87c6c6e6020e918ef043f58667137728b83bdb3d78496

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 07:46:45 GMT
Server: nginx
ETag: W/"608a6465-40f80"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 64eec9d3e0b5.css
dynamo.kiev.ua/media/compressed_20160617/css/ 157 KB
29 KB 160ms
108ms Stylesheet
text/css 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 908fdcad42c1c71c866d31279ce83d645ede68d92463f82da9398ac23d059cab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 06:50:39 GMT
Server: nginx
ETag: W/"603748bf-27563"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
92 KB 54ms
27ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 10:57:43 GMT
X-Content-Type-Options: nosniff
Age: 10639
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 93435
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="hosted-libraries-pushers"
Expires: Tue, 25 Oct 2022 10:57:43 GMT

GET
H2 200 current-device.min.js Show response
unpkg.com/current-device@0.7.2/umd/ 5 KB
2 KB 47ms
20ms Script
application/javascript 104.16.122.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/current-device@0.7.2/umd/current-device.min.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.122.175 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e165a8287ac6e993976e0f981ce0196e76bd28cc4daaabcb96a19cfe50629e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:02 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16011795
fly-request-id: 01F3YNP0D41B8WCN3RJ2YAWAKE
content-encoding: br
vary: Accept-Encoding
last-modified: Sun, 03 Dec 2017 19:28:23 GMT
server: cloudflare
etag: W/"1244-C1oVKy5WYdxpmb8GTdRAfPdtzkA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a3bf0b18aab21a5-DUS

GET
H/1.1 200
OK advert.js Show response
dynamo.kiev.ua/static/js/ 19 B
350 B 160ms
107ms Script
application/javascript 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/js/advert.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 1b02d366e9e554d2dcc933eb048b1ef9545b9e614fe93e7a56f5e8b949f7217a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Last-Modified: Tue, 11 Aug 2020 13:40:25 GMT
Server: nginx
ETag: "5f329fc9-13"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adriver.core.2.js Show response
dynamo.kiev.ua/static/js/ 6 KB
2 KB 154ms
101ms Script
application/javascript 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/js/adriver.core.2.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3637c6e9880a123ca0f1df89d62e47d34cb9be456f345d611731736830137624

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:25 GMT
Server: nginx
ETag: W/"5f329fc9-17b5"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 google_preloader.gif
gagadget.com/static/img/ 2 KB
2 KB 41ms
10ms Image
image/gif 195.201.8.180
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gagadget.com/static/img/google_preloader.gif

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.201.8.180 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.180.8.201.195.clients.your-server.de

Software

nginx /

Resource Hash

6287e31d7f75db73e7e80030621ee27901af0443a8fbfe0ca3f848cb03dd1e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:02 GMT
last-modified: Thu, 08 Feb 2018 11:53:56 GMT
server: nginx
etag: "5a7c3a54-8ad"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2221
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK reg-option1.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 50ms
50ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/reg-option1.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 6100eca91d6e1c24b6b03a47c56d75e5cd5b00a8fdaa0f978ce70b663531275e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:29 GMT
Server: nginx
ETag: W/"5f329fcd-8d3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK reg-option2.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 51ms
50ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/reg-option2.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: e47a810324bd2222c6e525e48401b464b092c0dac0456efe3cc5e639381fe3b4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:26 GMT
Server: nginx
ETag: W/"5f329fca-924"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK reg-option3.png
dynamo.kiev.ua/static/img/ 3 KB
3 KB 52ms
50ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/reg-option3.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3c711655f4879ba2f24540a5ef9426b3a6799376b0c2eb5e49e7acc8413decd5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: W/"5f329fcb-bcc"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ajax-loader-big.gif
dynamo.kiev.ua/static/img/ 7 KB
7 KB 54ms
50ms Image
image/gif 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/ajax-loader-big.gif
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: "5f329fcb-1aa4"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6820
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bf2e902fe7a23d802d09e5aff21af4a1.jpg
dynamo.kiev.ua/media/cache_new/bf/2e/ 39 KB
39 KB 104ms
51ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/bf/2e/bf2e902fe7a23d802d09e5aff21af4a1.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: a32f1e4b5f872620dbbaf2c41fa087d389d8199599fecef2e1869008fb1acacb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Oct 2021 16:53:56 GMT
Server: nginx
ETag: W/"61758fa4-9b1e"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 1cb12d1e9763a0bd05e5bb6fa981c3c5.jpg
dynamo.kiev.ua/media/cache_new/1c/b1/ 12 KB
12 KB 105ms
51ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/1c/b1/1cb12d1e9763a0bd05e5bb6fa981c3c5.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 1ad00cd77f12a903f334df3fc82f539c12f358c393f5f88e5d959609d7106e16

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 11:03:30 GMT
Server: nginx
ETag: W/"61768f02-2e90"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 859cc8c9b02ff7193482cfac8673b83f.jpg
dynamo.kiev.ua/media/cache_new/85/9c/ 14 KB
14 KB 274ms
47ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/85/9c/859cc8c9b02ff7193482cfac8673b83f.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 4d3d3c6074d78ac2bbaa7b98cbf9828f36b45276d4a80c65ea4ddf92ec8929bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 10:37:09 GMT
Server: nginx
ETag: W/"617688d5-379c"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK f2c048e769f5ca3bfac4143ec9375001.jpg
dynamo.kiev.ua/media/cache_new/f2/c0/ 12 KB
12 KB 97ms
51ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/f2/c0/f2c048e769f5ca3bfac4143ec9375001.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 77d569a374b119d4a7970def0e5feb44c2c76f08ecdfcc15f0bb316111f20cf5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 09:15:43 GMT
Server: nginx
ETag: W/"617675bf-2e70"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 8968080fe461b3c26c1dc9d400d8806e.jpg
dynamo.kiev.ua/media/cache_new/89/68/ 16 KB
16 KB 138ms
51ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/89/68/8968080fe461b3c26c1dc9d400d8806e.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: d08c29eb10a5de321110a8a3e205c4efe9b6f945095ffd9447c8bb244d8cfe47

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 08:25:50 GMT
Server: nginx
ETag: W/"61766a0e-3ee4"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK c46da56ebc76ba0b94f8ebeefbcc13b3.jpg
dynamo.kiev.ua/media/cache_new/c4/6d/ 17 KB
17 KB 152ms
51ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/c4/6d/c46da56ebc76ba0b94f8ebeefbcc13b3.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 9c1f1474a720085891d7248c3395a8bfd6d4511292badee903c58988d75b25c2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 08:33:54 GMT
Server: nginx
ETag: W/"61766bf2-42ed"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 943e5b4c667aec6d20f3b627dbef8676.jpg
dynamo.kiev.ua/media/cache_new/94/3e/ 24 KB
24 KB 190ms
52ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/94/3e/943e5b4c667aec6d20f3b627dbef8676.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 47890a3503d64fb5b4558f0a51afaa6d1730f063008ef2155431451b2458ad5f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 06:14:17 GMT
Server: nginx
ETag: W/"61764b39-5f3b"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bbe8e19ff73c9d90c89e57aa8e8ce197.jpg
dynamo.kiev.ua/media/cache_new/bb/e8/ 20 KB
20 KB 173ms
47ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/bb/e8/bbe8e19ff73c9d90c89e57aa8e8ce197.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 066661ae23371e47c40f5e36a89a867d1fab053a3297c9d83a0f860650d67f27

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 04:08:34 GMT
Server: nginx
ETag: W/"61762dc2-4f38"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 6e1bbb8cfef8da7a96ec878bd034d009.jpg
dynamo.kiev.ua/media/cache_new/6e/1b/ 13 KB
13 KB 92ms
52ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/6e/1b/6e1bbb8cfef8da7a96ec878bd034d009.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: e26835a66c5516ff343c5116b865a946d5407dff82a5c95656f32aaf7e924cad

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 03:11:36 GMT
Server: nginx
ETag: W/"61762068-3422"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK c3e772a93a1ede85dd60bc8c7606afc9.jpg
dynamo.kiev.ua/media/cache_new/c3/e7/ 15 KB
15 KB 99ms
50ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/c3/e7/c3e772a93a1ede85dd60bc8c7606afc9.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: c18c3ac14abfeaea46a62fa4aa12da3856128fe532df746dbb51ae2274632bb1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 16:52:02 GMT
Server: nginx
ETag: W/"616b0332-3b46"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK match-center.js Show response
dynamo.kiev.ua/comp/ 1 KB
885 B 50ms
50ms Script
application/javascript 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/comp/match-center.js?cache_ttl=32
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 6d6edfd131ee74eefa94f60617061b4d37c8410848d05a071cd2df892b54feba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
NGKey: :1:dynamo.kiev.ua:NG:/comp/match-center.js?cache_ttl=32

GET
H2 200 02e94e67ee2daab8ff77b99033d25729.jpg
dynamo.kiev.ua/media/cache_new/02/e9/ 825 B
657 B 197ms
45ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/02/e9/02e94e67ee2daab8ff77b99033d25729.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

84cfe80cbf4ef91de23ab0e989a3a2cdf560497884587ed28d54f76157482202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 06:28:50 GMT
server: nginx
etag: W/"5e12d3a2-339"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 bcb37a33e43ec5d6dd06b9a55713c93c.jpg
dynamo.kiev.ua/media/cache_new/bc/b3/ 2 KB
2 KB 197ms
46ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/bc/b3/bcb37a33e43ec5d6dd06b9a55713c93c.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

13feafcfc8a8db3c7cf089bb046bf3b9e6938a80434cdb6ce5db913b16707e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 08:29:22 GMT
server: nginx
etag: W/"5de76e62-82d"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 5b87e244a6de8ef53a2c950d49a5a00f.jpg
dynamo.kiev.ua/media/cache_new/5b/87/ 1 KB
1 KB 198ms
48ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/5b/87/5b87e244a6de8ef53a2c950d49a5a00f.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

c3608675638c9ef92ebfd5f2a24dd34efad9106d33848bf8c7a5098ad753ef73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 08:38:42 GMT
server: nginx
etag: W/"5de77092-55a"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 659251c94b67c5dd4259623fd7949245.jpg
dynamo.kiev.ua/media/cache_new/65/92/ 902 B
743 B 174ms
47ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/65/92/659251c94b67c5dd4259623fd7949245.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4e1d6b0424b6498e3263709d5c1ad917adcfcd1616d12e0a8d76a06966321d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 18:59:40 GMT
server: nginx
etag: W/"5e30849c-386"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 fd05622a83e625e7a2962246f095a03a.jpg
dynamo.kiev.ua/media/cache_new/fd/05/ 889 B
704 B 163ms
47ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/fd/05/fd05622a83e625e7a2962246f095a03a.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

5cda162b99a364a831afad4248df66c83cab5f60b90740e4e18483bffc326657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Thu, 14 Nov 2019 09:11:35 GMT
server: nginx
etag: W/"5dcd1a47-379"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2

200

ajax-loader.gif
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/ajax-loader.gif
https://dynamo.kiev.ua/static/img/ajax-loader.gif

3 KB
3 KB

72ms
71ms

Image
image/gif

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/ajax-loader.gif

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: "5f329fcc-c88"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3208
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/ajax-loader.gif
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 4e770ab784205507a134fede5e1980e8.jpg
dynamo.kiev.ua/media/cache_new/4e/77/ 11 KB
11 KB 221ms
78ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/4e/77/4e770ab784205507a134fede5e1980e8.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: eab6b8c67945339511ff5442c57fe03baad799d5a1d84869f3d6ea0940218698

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 13:35:33 GMT
Server: nginx
ETag: W/"6176b2a5-2c42"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2

200

2af4440a3fabdb38965ae31637861473.jpg
dynamo.kiev.ua/media/cache_new/2a/f4/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/2a/f4/2af4440a3fabdb38965ae31637861473.jpg
https://dynamo.kiev.ua/media/cache_new/2a/f4/2af4440a3fabdb38965ae31637861473.jpg

5 KB
5 KB

72ms
71ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/2a/f4/2af4440a3fabdb38965ae31637861473.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

dbbcc3404a14ef4afcd6e8e000bc56d8b172229935ca87f168ddee8e1d52ab6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 11:00:29 GMT
server: nginx
etag: W/"61768e4d-1574"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/2a/f4/2af4440a3fabdb38965ae31637861473.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

cb9e5946ea363c668fb8b97739d0b3b2.jpg
dynamo.kiev.ua/media/cache_new/cb/9e/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/cb/9e/cb9e5946ea363c668fb8b97739d0b3b2.jpg
https://dynamo.kiev.ua/media/cache_new/cb/9e/cb9e5946ea363c668fb8b97739d0b3b2.jpg

7 KB
7 KB

72ms
72ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/cb/9e/cb9e5946ea363c668fb8b97739d0b3b2.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

5a9f70c6551c734f3a11af01294684eedd3fec17996781f9e16e550163434a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 10:34:06 GMT
server: nginx
etag: W/"6176881e-1cbd"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/cb/9e/cb9e5946ea363c668fb8b97739d0b3b2.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

206fe2bac7e152cd5f69cb0e98e6d616.jpg
dynamo.kiev.ua/media/cache_new/20/6f/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/20/6f/206fe2bac7e152cd5f69cb0e98e6d616.jpg
https://dynamo.kiev.ua/media/cache_new/20/6f/206fe2bac7e152cd5f69cb0e98e6d616.jpg

10 KB
10 KB

47ms
47ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/20/6f/206fe2bac7e152cd5f69cb0e98e6d616.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

dddb3ff9a5f20ee6aebe49a54e13016ad162e9f85c9d81bd6a9928b13bbbcced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:44:29 GMT
server: nginx
etag: W/"61767c7d-2849"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/20/6f/206fe2bac7e152cd5f69cb0e98e6d616.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

65cac6a7014c1121ec8dd86fea04cd87.jpg
dynamo.kiev.ua/media/cache_new/65/ca/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/65/ca/65cac6a7014c1121ec8dd86fea04cd87.jpg
https://dynamo.kiev.ua/media/cache_new/65/ca/65cac6a7014c1121ec8dd86fea04cd87.jpg

6 KB
6 KB

47ms
47ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/65/ca/65cac6a7014c1121ec8dd86fea04cd87.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

2367b9164c9c34ad82a5b9e535089fb61cc4d75af510dc695e45c45165b80b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:19:30 GMT
server: nginx
etag: W/"617676a2-1664"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/65/ca/65cac6a7014c1121ec8dd86fea04cd87.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

150d5199ed87107c522f4be320dd5304.jpg
dynamo.kiev.ua/media/cache_new/15/0d/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/15/0d/150d5199ed87107c522f4be320dd5304.jpg
https://dynamo.kiev.ua/media/cache_new/15/0d/150d5199ed87107c522f4be320dd5304.jpg

7 KB
7 KB

47ms
47ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/15/0d/150d5199ed87107c522f4be320dd5304.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

326cbd423bd2d97b076d4c782cf59b5bae3b533cd776fb8a70e1f50ba1d1d394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 08:24:06 GMT
server: nginx
etag: W/"617669a6-1d08"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/15/0d/150d5199ed87107c522f4be320dd5304.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

95df7299d8fa85af9d4d56389695011d.jpg
dynamo.kiev.ua/media/cache_new/95/df/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/95/df/95df7299d8fa85af9d4d56389695011d.jpg
https://dynamo.kiev.ua/media/cache_new/95/df/95df7299d8fa85af9d4d56389695011d.jpg

7 KB
7 KB

47ms
47ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/95/df/95df7299d8fa85af9d4d56389695011d.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1c2e1fec5741d2d3121dbd04f6cc739483431d3a059ab45d7cc099021156e53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 07:59:06 GMT
server: nginx
etag: W/"617663ca-1a49"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/95/df/95df7299d8fa85af9d4d56389695011d.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

5fe14af7fd264f4e2a7aef1a8bd04653.jpg
dynamo.kiev.ua/media/cache_new/5f/e1/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/5f/e1/5fe14af7fd264f4e2a7aef1a8bd04653.jpg
https://dynamo.kiev.ua/media/cache_new/5f/e1/5fe14af7fd264f4e2a7aef1a8bd04653.jpg

6 KB
6 KB

48ms
48ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/5f/e1/5fe14af7fd264f4e2a7aef1a8bd04653.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

560a253e9affbca88a4af72e3cbee4b811169707597347ee832a7691e4067cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 07:08:05 GMT
server: nginx
etag: W/"617657d5-1733"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/5f/e1/5fe14af7fd264f4e2a7aef1a8bd04653.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

60dd50ca3438723b62bfcda196f4b372.jpg
dynamo.kiev.ua/media/cache_new/60/dd/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/60/dd/60dd50ca3438723b62bfcda196f4b372.jpg
https://dynamo.kiev.ua/media/cache_new/60/dd/60dd50ca3438723b62bfcda196f4b372.jpg

10 KB
10 KB

49ms
49ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/60/dd/60dd50ca3438723b62bfcda196f4b372.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

3776072f883f512463faf3d2d2af3c800c32d00d3938339145681c7730958a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 06:14:05 GMT
server: nginx
etag: W/"61764b2d-2988"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/60/dd/60dd50ca3438723b62bfcda196f4b372.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

34a579343a12e8e23b85c3e39f3b39ea.jpg
dynamo.kiev.ua/media/cache_new/34/a5/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/34/a5/34a579343a12e8e23b85c3e39f3b39ea.jpg
https://dynamo.kiev.ua/media/cache_new/34/a5/34a579343a12e8e23b85c3e39f3b39ea.jpg

5 KB
5 KB

48ms
48ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/34/a5/34a579343a12e8e23b85c3e39f3b39ea.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ec3289528024c6e4b3d826fa20b6120957d8552e0d571eb5f887a8d5c6e0ac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 04:30:54 GMT
server: nginx
etag: W/"617632fe-146f"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/34/a5/34a579343a12e8e23b85c3e39f3b39ea.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

3a0291bc00839f78fc9e352a7398aa2a.jpg
dynamo.kiev.ua/media/cache_new/3a/02/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/3a/02/3a0291bc00839f78fc9e352a7398aa2a.jpg
https://dynamo.kiev.ua/media/cache_new/3a/02/3a0291bc00839f78fc9e352a7398aa2a.jpg

9 KB
9 KB

50ms
50ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/3a/02/3a0291bc00839f78fc9e352a7398aa2a.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

dbbb2a85b7f3c8d775693dd2b0c69b1a17c392cef4cb2de79fa49a6e34006cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 04:07:04 GMT
server: nginx
etag: W/"61762d68-24ec"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/3a/02/3a0291bc00839f78fc9e352a7398aa2a.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

279f8d2848e9c954a1342c5259e66a10.jpg
dynamo.kiev.ua/media/cache_new/27/9f/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/27/9f/279f8d2848e9c954a1342c5259e66a10.jpg
https://dynamo.kiev.ua/media/cache_new/27/9f/279f8d2848e9c954a1342c5259e66a10.jpg

5 KB
5 KB

48ms
47ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/27/9f/279f8d2848e9c954a1342c5259e66a10.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

c655b707a7b61514986075729a9d2e9d4bb044223d3082f9f51a7475f26cdc92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 11:13:09 GMT
server: nginx
etag: W/"6173ee45-1280"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/27/9f/279f8d2848e9c954a1342c5259e66a10.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fdc1eb4b713fae9c27b03f1762decc33.jpg
dynamo.kiev.ua/media/cache_new/fd/c1/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/fd/c1/fdc1eb4b713fae9c27b03f1762decc33.jpg
https://dynamo.kiev.ua/media/cache_new/fd/c1/fdc1eb4b713fae9c27b03f1762decc33.jpg

7 KB
8 KB

47ms
46ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/fd/c1/fdc1eb4b713fae9c27b03f1762decc33.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

a3c54f0c0b8b8df29ac78678fb430a86cc53b476f2176e517321867c6c5918f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 03:37:15 GMT
server: nginx
etag: W/"612317eb-1dac"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/fd/c1/fdc1eb4b713fae9c27b03f1762decc33.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

90cf3d481ae39d2b8ef3693af2472721.jpg
dynamo.kiev.ua/media/cache_new/90/cf/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/90/cf/90cf3d481ae39d2b8ef3693af2472721.jpg
https://dynamo.kiev.ua/media/cache_new/90/cf/90cf3d481ae39d2b8ef3693af2472721.jpg

11 KB
11 KB

48ms
47ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/90/cf/90cf3d481ae39d2b8ef3693af2472721.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

a471ddae49f2c1dccf0762ea65b46b932ec5c325bde777c8872faa7f8fc4be04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sun, 01 Aug 2021 18:26:03 GMT
server: nginx
etag: W/"6106e73b-2c79"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/90/cf/90cf3d481ae39d2b8ef3693af2472721.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

5b84edc34b3479ac2070b1309861ae09.jpg
dynamo.kiev.ua/media/cache_new/5b/84/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/5b/84/5b84edc34b3479ac2070b1309861ae09.jpg
https://dynamo.kiev.ua/media/cache_new/5b/84/5b84edc34b3479ac2070b1309861ae09.jpg

7 KB
7 KB

49ms
48ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/5b/84/5b84edc34b3479ac2070b1309861ae09.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

13d7e6372093bc4680dad644d5c62373290e8b32dc7b9ed825bff1101e7181dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 16 Oct 2021 16:29:45 GMT
server: nginx
etag: W/"616afdf9-1a8c"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/5b/84/5b84edc34b3479ac2070b1309861ae09.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_erlep7os/version/100002/width/368/height/185/quality/75/type/3/ 9 KB
10 KB 191ms
47ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_erlep7os/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 49acca8e6e6bd278e38be2b2de92bd861fea26c284394765286efccbaa887e60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-modified: Thu, 07 Oct 2021 04:41:33 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 9458
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H2

200

red-reward-small.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/red-reward-small.png
https://dynamo.kiev.ua/static/img/red-reward-small.png

1 KB
1 KB

46ms
46ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/red-reward-small.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

b51276fc26e61dc3f1c1c214e50842bb2bfda57f4cce642a68bf35e3bbaec873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: W/"5f329fcc-47e"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/red-reward-small.png
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-zona-small.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-zona-small.png
https://dynamo.kiev.ua/static/img/fan-zona-small.png

1 KB
1 KB

50ms
49ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-zona-small.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

e2099d9a6c5aed5ace5b7d205d9c6c5132d9f520ddeb0c3f1023b28a162c60e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:26 GMT
server: nginx
etag: W/"5f329fca-4d4"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-zona-small.png
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_a7di18ka/version/100002/width/368/height/185/quality/75/type/3/ 14 KB
14 KB 191ms
47ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_a7di18ka/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 78665b7f591e3ba0c27b753cca2a033b9c52b2d0a69fc00936996a3e9913b22f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-modified: Mon, 25 Oct 2021 04:21:42 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 13917
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_sy8cgd82/version/100002/width/368/height/185/quality/75/type/3/ 8 KB
8 KB 185ms
47ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_sy8cgd82/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 668ec2d7ec21cee8e3930ad6ed75b6818886b5c1f052e920daaef3796da38d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-modified: Wed, 20 Oct 2021 12:16:19 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 7813
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_5ln3byqg/version/100002/width/368/height/185/quality/75/type/3/ 10 KB
11 KB 185ms
46ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_5ln3byqg/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: ac3dbc6414fd9d3e182e8f953bd05c42e9bec67ca7a4531258a1c248cd490c54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-modified: Mon, 18 Oct 2021 07:20:41 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 10648
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_h95ztgnn/version/100002/width/368/height/185/quality/75/type/3/ 12 KB
12 KB 198ms
50ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_h95ztgnn/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 870a2a0e533c1681da5ccd598f4e0bdb48cd93d6162b16ce5f1800aa4513f864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-modified: Mon, 18 Oct 2021 06:31:04 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 12142
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_dpxjd2k1/version/100002/width/368/height/185/quality/75/type/3/ 4 KB
5 KB 200ms
52ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_dpxjd2k1/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: c0bdfbdcf9fe9d86027b45554cbbac93e4eed2489339f42458114a8526a0f7ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-modified: Sun, 17 Oct 2021 08:45:59 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 4505
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_1y8axhqj/version/100002/width/368/height/185/quality/75/type/3/ 11 KB
11 KB 151ms
50ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_1y8axhqj/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 4fb4747ad2809e9b808248c734fa3193fd644fa7c0f1655937b8dc80e5a800e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-modified: Fri, 08 Oct 2021 18:41:31 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 10924
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H2

200

b0daa737df09a77a35a9bbd5797aee32.jpg
dynamo.kiev.ua/media/cache_new/b0/da/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/b0/da/b0daa737df09a77a35a9bbd5797aee32.jpg
https://dynamo.kiev.ua/media/cache_new/b0/da/b0daa737df09a77a35a9bbd5797aee32.jpg

76 KB
76 KB

53ms
52ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/b0/da/b0daa737df09a77a35a9bbd5797aee32.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

25c05d2257734a8e32d393e7c81f3cdf0d28749afd6aa066575b5a98b05ea90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 12:11:40 GMT
server: nginx
etag: W/"61769efc-12fbf"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/b0/da/b0daa737df09a77a35a9bbd5797aee32.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

red-reward-middle.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/red-reward-middle.png
https://dynamo.kiev.ua/static/img/red-reward-middle.png

2 KB
2 KB

79ms
79ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/red-reward-middle.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

2f4faffda5a29748db5441d3dd9ba18a57b17bf7d95e7f8f9259689fb0db69cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-885"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/red-reward-middle.png
Non-Authoritative-Reason: HSTS

GET
H2

200

f17bab90cd1f2e1c8dac3ce17e06ce00.jpg
dynamo.kiev.ua/media/cache_new/f1/7b/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/f1/7b/f17bab90cd1f2e1c8dac3ce17e06ce00.jpg
https://dynamo.kiev.ua/media/cache_new/f1/7b/f17bab90cd1f2e1c8dac3ce17e06ce00.jpg

81 KB
81 KB

79ms
79ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/f1/7b/f17bab90cd1f2e1c8dac3ce17e06ce00.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

f253fa048070f1f47eff2149483d2cb29fede1f62ce3ecfc8625015e70cd21ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 20:06:08 GMT
server: nginx
etag: W/"6175bcb0-1436e"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/f1/7b/f17bab90cd1f2e1c8dac3ce17e06ce00.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

a91806b6356b7ebeacfb8e9c94e2d263.jpg
dynamo.kiev.ua/media/cache_new/a9/18/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/a9/18/a91806b6356b7ebeacfb8e9c94e2d263.jpg
https://dynamo.kiev.ua/media/cache_new/a9/18/a91806b6356b7ebeacfb8e9c94e2d263.jpg

73 KB
74 KB

79ms
79ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/a9/18/a91806b6356b7ebeacfb8e9c94e2d263.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

a4e5ccbe7eb3dba987ca84215c2c48a249f292c325126246f1151bb2cf104d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 09:49:12 GMT
server: nginx
etag: W/"61752c18-125ea"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/a9/18/a91806b6356b7ebeacfb8e9c94e2d263.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

3dbf0aff403f4190e4d76bb6c909ea05.jpg
dynamo.kiev.ua/media/cache_new/3d/bf/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/3d/bf/3dbf0aff403f4190e4d76bb6c909ea05.jpg
https://dynamo.kiev.ua/media/cache_new/3d/bf/3dbf0aff403f4190e4d76bb6c909ea05.jpg

91 KB
91 KB

79ms
78ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/3d/bf/3dbf0aff403f4190e4d76bb6c909ea05.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

2a6983462e42ea241c2f8e7433e8aa3144e67cc3222060ee9924bcfab0a50f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 20:13:17 GMT
server: nginx
etag: W/"61746cdd-16d50"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/3d/bf/3dbf0aff403f4190e4d76bb6c909ea05.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-zona.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-zona.png
https://dynamo.kiev.ua/static/img/fan-zona.png

2 KB
2 KB

88ms
88ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-zona.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

9e3bec87a4c2eb93f4210bcea42823841bcbe3411d31ce537bfa167490310e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: W/"5f329fcc-732"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-zona.png
Non-Authoritative-Reason: HSTS

GET
H2

200

4005ae6e9d092e7e498b7fd30d576497.jpg
dynamo.kiev.ua/media/cache_new/40/05/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/40/05/4005ae6e9d092e7e498b7fd30d576497.jpg
https://dynamo.kiev.ua/media/cache_new/40/05/4005ae6e9d092e7e498b7fd30d576497.jpg

88 KB
88 KB

89ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/40/05/4005ae6e9d092e7e498b7fd30d576497.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

16a956abd8ed56b955665ccfdd9f5a096fd81201acafb3b775abe02924ae900c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 18:39:34 GMT
server: nginx
etag: W/"617456e6-15f23"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/40/05/4005ae6e9d092e7e498b7fd30d576497.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

434fafb7f7ee96ee6d6792fab4623ed6.jpg
dynamo.kiev.ua/media/cache_new/43/4f/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/43/4f/434fafb7f7ee96ee6d6792fab4623ed6.jpg
https://dynamo.kiev.ua/media/cache_new/43/4f/434fafb7f7ee96ee6d6792fab4623ed6.jpg

48 KB
47 KB

89ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/43/4f/434fafb7f7ee96ee6d6792fab4623ed6.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ddb3b6753bf45cd5cad7bbfd0a96324df6b10f9cf120af9cf9b6e438554d760b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 06:38:25 GMT
server: nginx
etag: W/"6173ade1-be3a"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/43/4f/434fafb7f7ee96ee6d6792fab4623ed6.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

3835bb1810416a99746c17609c7ca4cd.jpg
dynamo.kiev.ua/media/cache_new/38/35/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/38/35/3835bb1810416a99746c17609c7ca4cd.jpg
https://dynamo.kiev.ua/media/cache_new/38/35/3835bb1810416a99746c17609c7ca4cd.jpg

43 KB
44 KB

89ms
88ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/38/35/3835bb1810416a99746c17609c7ca4cd.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

091468ad474496be6266be0f369cbe809b55a3f9084cd42013cf0f36e8505f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 04:07:28 GMT
server: nginx
etag: W/"61738a80-adeb"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/38/35/3835bb1810416a99746c17609c7ca4cd.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

69631ad70634f2b473f23d1b7ee152a5.jpg
dynamo.kiev.ua/media/cache_new/69/63/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/69/63/69631ad70634f2b473f23d1b7ee152a5.jpg
https://dynamo.kiev.ua/media/cache_new/69/63/69631ad70634f2b473f23d1b7ee152a5.jpg

57 KB
57 KB

126ms
125ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/69/63/69631ad70634f2b473f23d1b7ee152a5.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

59293ceca95f5b02a3b23a56017a9ef93a3c8a66cf6824516d6e355d5b1a03b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 18:33:16 GMT
server: nginx
etag: W/"61350d6c-e3ff"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/69/63/69631ad70634f2b473f23d1b7ee152a5.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

05e337118657c0742b868579e1b88c22.jpg
dynamo.kiev.ua/media/cache_new/05/e3/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg
https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg

63 KB
63 KB

89ms
87ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

745f50aec35e5fb8fad46d0a46cdbfa9a6931d641ef72fec0151f60e1b269821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 31 Jul 2021 13:06:11 GMT
server: nginx
etag: W/"61054ac3-fb19"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg
dynamo.kiev.ua/media/cache_new/b2/d8/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg
https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg

24 KB
23 KB

89ms
87ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1e736902d8b319f63bc705c5d8a0673e31559639fafddb31b8b0bea85f981718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 17:10:41 GMT
server: nginx
etag: W/"6102e111-5ebc"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

5a1f65a31d5b2f8c5bb26357353fe7d5.jpg
dynamo.kiev.ua/media/cache_new/5a/1f/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg
https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg

65 KB
66 KB

89ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

951bddc2ab1583eee8f4d77d9044c9c5b9081cb584b0a4ac3bb85d9a58e051eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 02:30:37 GMT
server: nginx
etag: W/"6088c8cd-1054d"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

0ea6704373d9a1bd16e1796de8b64eb1.jpg
dynamo.kiev.ua/media/cache_new/0e/a6/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg
https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg

46 KB
46 KB

87ms
87ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

caae3cca7abf35ee3a61a44711a2c704bf36bc779d05f29e728eced9c1950ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 23:08:12 GMT
server: nginx
etag: W/"6066525c-b75e"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg
dynamo.kiev.ua/media/cache_new/fb/2b/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg
https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg

70 KB
70 KB

83ms
82ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

74a8ab213434825377631ff36d6153feffc0e62b0794b67c9a7ed6371d14fcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 00:50:49 GMT
server: nginx
etag: W/"6063c769-11767"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

7890671a94076cb2a238c4fa1ace9c43.jpg
dynamo.kiev.ua/media/cache_new/78/90/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/78/90/7890671a94076cb2a238c4fa1ace9c43.jpg
https://dynamo.kiev.ua/media/cache_new/78/90/7890671a94076cb2a238c4fa1ace9c43.jpg

73 KB
73 KB

87ms
87ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/78/90/7890671a94076cb2a238c4fa1ace9c43.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

9ab60963d0ac1ca9614cee490ac32ee2cacbde345ec2ca72394eec18a9790f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sun, 26 Sep 2021 20:32:12 GMT
server: nginx
etag: W/"6150d8cc-122d8"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/78/90/7890671a94076cb2a238c4fa1ace9c43.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

e7f1f1c05dfe597212c9f37622490bc5.jpg
dynamo.kiev.ua/media/cache_new/e7/f1/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/e7/f1/e7f1f1c05dfe597212c9f37622490bc5.jpg
https://dynamo.kiev.ua/media/cache_new/e7/f1/e7f1f1c05dfe597212c9f37622490bc5.jpg

81 KB
81 KB

91ms
90ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/e7/f1/e7f1f1c05dfe597212c9f37622490bc5.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ff459cc4f65a1b4774974da03bd11495e146ae25d0589693cb0149cd71bbc352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sun, 26 Sep 2021 13:51:46 GMT
server: nginx
etag: W/"61507af2-14364"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/e7/f1/e7f1f1c05dfe597212c9f37622490bc5.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

89561560e36c067ca5709abecc848c3c.jpg
dynamo.kiev.ua/media/cache_new/89/56/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/89/56/89561560e36c067ca5709abecc848c3c.jpg
https://dynamo.kiev.ua/media/cache_new/89/56/89561560e36c067ca5709abecc848c3c.jpg

76 KB
76 KB

54ms
53ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/89/56/89561560e36c067ca5709abecc848c3c.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ee51d26c7d5202ff8fffbe414d47fcd1fe2fb4fd122e5317a4bf6a8e91c0ab9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 22:20:44 GMT
server: nginx
etag: W/"614fa0bc-12f46"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/89/56/89561560e36c067ca5709abecc848c3c.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

c4f864a3cec518e67f7df06ca872738a.jpg
dynamo.kiev.ua/media/cache_new/c4/f8/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/c4/f8/c4f864a3cec518e67f7df06ca872738a.jpg
https://dynamo.kiev.ua/media/cache_new/c4/f8/c4f864a3cec518e67f7df06ca872738a.jpg

68 KB
69 KB

56ms
55ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/c4/f8/c4f864a3cec518e67f7df06ca872738a.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

a2d1dc8e30ef615f440cf031dc8089be1e1fc381fc7254d31e318a49da7fcb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 11 Sep 2021 09:21:58 GMT
server: nginx
etag: W/"613c7536-111cb"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/c4/f8/c4f864a3cec518e67f7df06ca872738a.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

90b6d8a005da7ac91eb14b048277921e.jpg
dynamo.kiev.ua/media/cache_new/90/b6/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg
https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg

56 KB
56 KB

90ms
90ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

446900dce4d576e503d418d5557b3aee48920950b97fd52c09814dcf843ad610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sun, 26 Jan 2020 20:40:08 GMT
server: nginx
etag: W/"5e2df928-df0f"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

c3280934c0597426df3b84932ba87bee.jpg
dynamo.kiev.ua/media/cache_new/c3/28/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg
https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg

38 KB
38 KB

89ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

7aa978f16c3a830e2a59d13ec0e39dbb8e02f6700f402d98bcd0a05598b8a70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Sat, 04 May 2019 07:38:06 GMT
server: nginx
etag: W/"5ccd415e-9863"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

e7eaf02a4ba0d781939e7e807b972966.jpg
dynamo.kiev.ua/media/cache_new/e7/ea/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg
https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg

74 KB
74 KB

55ms
54ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

03fa5c882e72e615179dd04be0a422d4c37a71a8c5a3bad03609a11b514212ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 23:23:26 GMT
server: nginx
etag: W/"5c941cee-1281f"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

bf9cb15e6f1e91e114864c412aa6d367.jpg
dynamo.kiev.ua/media/cache_new/bf/9c/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg
https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg

58 KB
58 KB

89ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

dd42860af2e0ef10161df8c08a1f5737c84cc8f5adc3c6ae3b5064aedb44756e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 15:28:12 GMT
server: nginx
etag: W/"5c87d00c-e761"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

c49656d35a49efd14d99cb8e791fcd82.jpg
dynamo.kiev.ua/media/cache_new/c4/96/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg
https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg

52 KB
52 KB

89ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

8a0894f5aaf596f3664b20cedcb9e9ce030f0dd54d69f46a4c94bf853b1e337b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 14:27:04 GMT
server: nginx
etag: W/"5c87c1b8-d13c"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

b4ab6a53ccef1a7117997b3fe2f28147.jpg
dynamo.kiev.ua/media/cache_new/b4/ab/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg
https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg

61 KB
61 KB

92ms
91ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

2c554812d1e758ce5a7aff596d5fd1b4ff48afdf6ad2f8355eed198261cb923c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Feb 2019 15:32:09 GMT
server: nginx
etag: W/"5c755bf9-f3ec"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 12ac24a05d436f2c7c0c12b425b6482e.jpg
dynamo.kiev.ua/media/cache_new/12/ac/ 15 KB
15 KB 191ms
52ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/12/ac/12ac24a05d436f2c7c0c12b425b6482e.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 0eed967050265db1eb897f1dc317367149be1efbdbedca18eca291a01af6a3cc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 13:09:59 GMT
Server: nginx
ETag: W/"6172b827-3bd3"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2e052929246d53ea6bf9be847c346008.jpg
dynamo.kiev.ua/media/cache_new/2e/05/ 11 KB
11 KB 140ms
52ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/2e/05/2e052929246d53ea6bf9be847c346008.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: b85afa6f91e4f03206530c904c3b54dd48f48e7ad8dae47c94407bdeceecfc85

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Oct 2021 03:44:46 GMT
Server: nginx
ETag: W/"6173852e-2a4d"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 51220ce9107f3bc693373cc92ea39bb2.jpg
dynamo.kiev.ua/media/cache_new/51/22/ 9 KB
10 KB 193ms
51ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/51/22/51220ce9107f3bc693373cc92ea39bb2.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: b877fde61a153acb78eed8b98b72a4a111516a412c9bca9e26c184f813c579d9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Oct 2021 04:49:15 GMT
Server: nginx
ETag: W/"6174e5cb-25aa"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 45cf1b41354f15719508eeaf6a11b86e.jpg
dynamo.kiev.ua/media/cache_new/45/cf/ 6 KB
6 KB 143ms
50ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/45/cf/45cf1b41354f15719508eeaf6a11b86e.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 990cb8ca8afe9ba007c99216f8967e78141d4e437dbaabcd70891e9a748b550c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 10:52:09 GMT
Server: nginx
ETag: W/"611e37d9-1848"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 8c3aa3733f9ce1222db2b16d5f6c91d5.jpg
dynamo.kiev.ua/media/cache_new/8c/3a/ 12 KB
12 KB 191ms
51ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/8c/3a/8c3aa3733f9ce1222db2b16d5f6c91d5.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 8f3e8d91bc7ff831f377088a027d3ecc0a8780b5c93e5f07967cf1d3cd58a1e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Oct 2021 18:19:31 GMT
Server: nginx
ETag: W/"6175a3b3-2f7d"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK red-reward-middle.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 182ms
51ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/red-reward-middle.png?V1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 2f4faffda5a29748db5441d3dd9ba18a57b17bf7d95e7f8f9259689fb0db69cf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: W/"5f329fcb-885"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK blogs_w.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 163ms
49ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/blogs_w.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: ab6b2c6c46d0928ca186f28567dc85e2daf2549309a8ec100d995163a39baa82

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-95e"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK autoUpdate.adriver.js Show response
ua-content.adriver.ru/plugins/ 5 KB
5 KB 124ms
33ms Script
application/x-javascript 31.28.167.67
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://ua-content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/js/adriver.core.2.js
Protocol: HTTP/1.1
Server: 31.28.167.67 Zhytomyr, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: nginx /
Resource Hash: e28bcfefad2c0f3f491619132330d80cd2d4b2e138d947cc93c673a326e70b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:02 GMT
Last-Modified: Thu, 07 Oct 2021 10:58:24 GMT
Server: nginx
ETag: "615ed2d0-1337"
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: close
Accept-Ranges: bytes
Content-Length: 4919
Expires: Mon, 25 Oct 2021 14:55:02 GMT

GET
H/1.1 200
OK loader2.js Show response
cdn.admixer.net/scripts3/ 156 KB
48 KB 57ms
21ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 90a97f36682cc97f74e485a927de9423c4d9631b226c8b0d9ded98644aa8bec8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc31
Date: Mon, 25 Oct 2021 13:55:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:51 GMT
Server: nginx
ETag: W/"615ebb03-2714d"
Transfer-Encoding: chunked
X-Cached-Since: 2021-10-25T13:45:38+00:00
Content-Type: application/javascript
Cache-Control: max-age=600
Cache: HIT
Connection: keep-alive
Expires: Wed, 20 Oct 2021 09:32:00 GMT

GET
H/1.1 200
OK b.js Show response
cdn.trafficdok.com/libs/ 2 KB
2 KB 46ms
18ms Script
application/javascript 5.79.64.54
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn.trafficdok.com/libs/b.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Server

5.79.64.54 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

ab4c1348dc14f71f64eae26be8a0a449ec3d3a30ab5c239250beacb4057b0a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block;
Last-Modified: Fri, 06 Aug 2021 14:39:20 GMT
Server: nginx
ETag: W/"610d4998-94a"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Tue, 26 Oct 2021 13:55:02 GMT

GET
H/1.1 200
OK shop-icons.png
dynamo.kiev.ua/static/img/ 23 KB
22 KB 71ms
51ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/shop-icons.png?v1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5bf3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK shop-icons.png
dynamo.kiev.ua/static/img/ 23 KB
22 KB 124ms
94ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/shop-icons.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5bf3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK shop-icons.png
dynamo.kiev.ua/static/img/ 23 KB
22 KB 86ms
51ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/shop-icons.png?v2
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5bf3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pkYDSlCHbDnBWPT5PPFFTA.ttf
themes.googleusercontent.com/static/fonts/ptsans/v5/ 433 KB
230 KB 71ms
22ms Font
font/ttf 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/ptsans/v5/pkYDSlCHbDnBWPT5PPFFTA.ttf

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
Origin: http://dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 08:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 234617
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Oct 2022 08:13:06 GMT

GET
H2

200

post342808.jpg
dynamo.kiev.ua/media/posts/2020/03/31/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg
https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg

37 KB
36 KB

88ms
88ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1044a2d2d749c4044aeb1a23fcbe9bcc9d373f66791503593d91fb260c217f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 31 Mar 2020 09:55:35 GMT
server: nginx
etag: W/"5e831397-9290"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

ruk1.jpg
dynamo.kiev.ua/media/posts/2020/03/03/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg
https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg

44 KB
41 KB

57ms
57ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

0eb266aad0b6eedff13ea2b3677ca4259a5629a3503c182aa137b6870466b807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 03 Mar 2020 12:41:32 GMT
server: nginx
etag: W/"5e5e507c-b02b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

kol1.jpg
dynamo.kiev.ua/media/posts/2020/03/05/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg
https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg

132 KB
132 KB

90ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

0e742061b7b95c780006ef36f592530945a422277247333be8a38e43a4fcd3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 10:02:44 GMT
server: nginx
etag: W/"5e60ce44-20ffe"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

cpa1.jpg
dynamo.kiev.ua/media/posts/2020/02/26/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg
https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg

52 KB
51 KB

57ms
57ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

da493df9f8dc6a697f2dccf4cc64e5d5edd5445ea7033c0364f492848c195095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Wed, 26 Feb 2020 13:47:35 GMT
server: nginx
etag: W/"5e5676f7-d05d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK digits.png
dynamo.kiev.ua/static/img/ 1 KB
2 KB 147ms
50ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/digits.png?v=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=202109281
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 93cfd03da1c6421843afe6319577a726851ddd53558995ba88fd91dae8902103

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/static/css/base.css?v=202109281
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/static/css/base.css?v=202109281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5e9"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg-imp-arrows.png
dynamo.kiev.ua/static/img/ 3 KB
3 KB 84ms
53ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/bg-imp-arrows.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=202109281
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 52af586d9dc2f808b3ee4a93bf22e4c8e85f477ad1c291660aae1ca6d387a4f0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/static/css/base.css?v=202109281
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/static/css/base.css?v=202109281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-c13"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK rss.png
dynamo.kiev.ua/static/img/ 915 B
1 KB 147ms
50ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/rss.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=202109281
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3e084365b8c06972b05bb7f7920e9a7a3a8688f52ceaadc55995521bd932f130

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/static/css/base.css?v=202109281
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/static/css/base.css?v=202109281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: W/"5f329fcb-393"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g46X4VH_KHOWAAa-HpnGPi3USBnSvpkopQaUR-2r7iU.ttf
themes.googleusercontent.com/static/fonts/ptsans/v5/ 459 KB
244 KB 76ms
46ms Font
font/ttf 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/ptsans/v5/g46X4VH_KHOWAAa-HpnGPi3USBnSvpkopQaUR-2r7iU.ttf

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

3128bd5ecf01816e59a23d54c57a7a6b14615b07db53ff277c77376010265b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
Origin: http://dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 13:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 249365
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Oct 2022 13:58:37 GMT

GET
H/1.1 200
OK glyphicons-halflings-white.png
dynamo.kiev.ua/static/bootstrap/img/ 9 KB
9 KB 183ms
51ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings-white.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:29 GMT
Server: nginx
ETag: W/"5f329fcd-2249"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

bg-post-comments-small.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/bg-post-comments-small.png
https://dynamo.kiev.ua/static/img/bg-post-comments-small.png

190 B
433 B

57ms
56ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/bg-post-comments-small.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=202109281

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

724b85d2225037fa105d8e07b27119480f21f68cb74ba298b841ed337cd8da1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-be"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/bg-post-comments-small.png
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK /
c.bigmir.net/ 469 B
724 B 176ms
44ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bigmir.net/?s5613&t8&c1&d24&r1600
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: c0df9644fc554ea37a2caaabc7133a0e2a3c8d286a07c7bf2a35279c7737abee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:02 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2

200

glyphicons-halflings.png
dynamo.kiev.ua/static/bootstrap/img/
Redirect Chain

http://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png
https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png

12 KB
13 KB

93ms
89ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:29 GMT
server: nginx
etag: W/"5f329fcd-31ff"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png
Non-Authoritative-Reason: HSTS

GET
H2

200

orphus.gif
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/orphus.gif
https://dynamo.kiev.ua/static/img/orphus.gif

2 KB
2 KB

89ms
89ms

Image
image/gif

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/orphus.gif

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ecfb8b0439da5fdccf9c2256c0ee89ab13534176f55f2f5553037296960cee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: "5f329fcc-64a"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1610
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/orphus.gif
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK footer2.css
dynamo.kiev.ua/static/holding/ 3 KB
1 KB 57ms
51ms Stylesheet
text/css 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/holding/footer2.css
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 0014a8628e795ff94e5d28b199d188366da8679b396757e5cc872957561345ef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:21 GMT
Server: nginx
ETag: W/"5f329fc5-bd9"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ok-label.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/ok-label.jpg
https://dynamo.kiev.ua/static/img/ok-label.jpg

5 KB
5 KB

95ms
95ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/ok-label.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d82652907e4bac8318c0fa574645fda913602cb39063afe12947539f28073bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-1426"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/ok-label.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fail-label.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fail-label.jpg
https://dynamo.kiev.ua/static/img/fail-label.jpg

5 KB
5 KB

123ms
120ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fail-label.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

96bc31dad93511cb788799c0fad76aaf3b9fc5855bf59a246b9e376958522404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: W/"5f329fcc-13d2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fail-label.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

all-action.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/all-action.js?v8
https://dynamo.kiev.ua/static/js/all-action.js?v8

4 KB
2 KB

46ms
46ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/all-action.js?v8

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

9b04c768886d0bd0169a22e9d9084cf66dc8879babe4c44e61541940ded24061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-11ff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/all-action.js?v8
Non-Authoritative-Reason: HSTS

GET
H2

200

post.safe.delete.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/post.safe.delete.js
https://dynamo.kiev.ua/static/js/post.safe.delete.js

299 B
496 B

46ms
46ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/post.safe.delete.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

6f06190a9eea6cc20582fa356d9c5607ad7cf43db99377fec129b190e88455aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-12b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/post.safe.delete.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.spandata.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery.spandata.js
https://dynamo.kiev.ua/static/js/jquery.spandata.js

807 B
586 B

46ms
46ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery.spandata.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

04c3803e1c0b06730edd71c100252e947fc16c5a89227aa495442dc1c3355970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-327"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery.spandata.js
Non-Authoritative-Reason: HSTS

GET
H2

200

http://dynamo.kiev.ua/static/js/login.js?v4
https://dynamo.kiev.ua/static/js/login.js?v4

4 KB
1 KB

47ms
46ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/login.js?v4

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

53c6d64604561a4a307fb3b74d187903a20cb1f6a7b42245aaa318f5803f478c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-1007"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/login.js?v4
Non-Authoritative-Reason: HSTS

GET
H2

200

hover.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/hover.js
https://dynamo.kiev.ua/static/js/hover.js

176 B
375 B

47ms
47ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/hover.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

28a4855b721e72c54d221f461a55f5e8ddc79cd337932df6cac7980de9a62f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/hover.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.cookie.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery.cookie.js
https://dynamo.kiev.ua/static/js/jquery.cookie.js

4 KB
2 KB

47ms
47ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery.cookie.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-1096"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery.cookie.js
Non-Authoritative-Reason: HSTS

GET
H2

200

money.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/money.js?v21
https://dynamo.kiev.ua/static/js/money.js?v21

8 KB
3 KB

46ms
46ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/money.js?v21

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

37941d2b1432f086358b059b7d64d9d30399858862f16ecda247d351258d4881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-1fba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/money.js?v21
Non-Authoritative-Reason: HSTS

GET
H2

200

subscriptions.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/subscriptions.js
https://dynamo.kiev.ua/static/js/subscriptions.js

212 B
422 B

47ms
47ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/subscriptions.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

e2f02f34765f57754e2503f10d7f8936a759abe34b4c087f163ccee94597989e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-d4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/subscriptions.js
Non-Authoritative-Reason: HSTS

GET
H2

200

bootstrap.js Show response
dynamo.kiev.ua/static/bootstrap/js/
Redirect Chain

http://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js
https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js

58 KB
11 KB

49ms
49ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

32150435e7483d330aede0098d0b1fc9d61d3a34e8f5358b08a736c3606560a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:29 GMT
server: nginx
etag: W/"5f329fcd-e775"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.jcarousel.min.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js
https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js

17 KB
5 KB

50ms
50ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

199c6645a72f24059216d021778b4602a4b9892fa5d068e266a28b4e3d87c6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-443a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js
Non-Authoritative-Reason: HSTS

GET
H2

200

fanzone.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/fanzone.js?v8
https://dynamo.kiev.ua/static/js/fanzone.js?v8

3 KB
1 KB

51ms
50ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/fanzone.js?v8

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4abfec0add66154f7a20f565a8a5d41654364fa81de4b0b375c3a8c67330eaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-b40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/fanzone.js?v8
Non-Authoritative-Reason: HSTS

GET
H2

200

prebid2.41.0.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/prebid2.41.0.js
https://dynamo.kiev.ua/static/js/prebid2.41.0.js

119 KB
39 KB

80ms
80ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/prebid2.41.0.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1b94247f3e2baaa9a8a062de0446ceac23b5f0dd12e005acdbda28fc554ab812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-1dc48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/prebid2.41.0.js
Non-Authoritative-Reason: HSTS

GET
H2

200

prebid-units.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/prebid-units.js
https://dynamo.kiev.ua/static/js/prebid-units.js

3 KB
1 KB

64ms
64ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/prebid-units.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ab177098c8c57fab5c6bc3b5dde2aea18d459ff6c09f94cbdaf1974bb077dcc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/prebid-units.js
Non-Authoritative-Reason: HSTS

GET
H2

200

blog-list.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/blog-list.js
https://dynamo.kiev.ua/static/js/blog-list.js

274 B
461 B

68ms
68ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/blog-list.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4f300d0799f69110cc1c1798e4ab6f5adf02f1b82020e350767d24c40cedefb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-112"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/blog-list.js
Non-Authoritative-Reason: HSTS

GET
H2

200

newsblogs-widget.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7
https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7

2 KB
811 B

52ms
51ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

66a31c4266316ef767a4bff1f75fe8563ba9a4c40272daf07b13ce91f1077233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-613"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7
Non-Authoritative-Reason: HSTS

GET
H2

200

tv-index.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/tv-index.js?v5
https://dynamo.kiev.ua/static/js/tv-index.js?v5

3 KB
2 KB

52ms
52ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/tv-index.js?v5

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

cdea454724c45ad926434ca19806637461a5de4bcea8e092ddca7db571dc3a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-dd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/tv-index.js?v5
Non-Authoritative-Reason: HSTS

GET
H2

200

imp-matches-widget.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5
https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5

5 KB
2 KB

52ms
52ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4d4e47b54747bf336a7d03b85326a04f7df56a924124a0b869b46111b27bf184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:03 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-15bf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5
Non-Authoritative-Reason: HSTS

GET
H2

200

social_lightbox.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/social_lightbox.js?v2
https://dynamo.kiev.ua/static/js/social_lightbox.js?v2

3 KB
1 KB

53ms
52ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/social_lightbox.js?v2

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

350fa9c2a785b663adc8330ab9b4f0b033bd8e8626ce1776a2825c2f2cc2b48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-bb4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/social_lightbox.js?v2
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.countdown.js Show response
dynamo.kiev.ua/static/js/jquery-countdown/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js

32 KB
9 KB

73ms
72ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1032682ae485621f8b00c3a942a01e6d6e9e7df45115fb9c08cce0f994bf5ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-811f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.countdown-ru.js Show response
dynamo.kiev.ua/static/js/jquery-countdown/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js

1 KB
834 B

71ms
71ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

9dede4ed705f42e8b4dfec0c4932132d7e0bd215cbd591db77566176de24c935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-410"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_1.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_1.jpg
https://dynamo.kiev.ua/static/img/fan-banner_1.jpg

37 KB
37 KB

118ms
116ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

8c8a76d38a81e3e9005bbaed9a6660426c03d066ff88a47001f2d749270bc4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:26 GMT
server: nginx
etag: W/"5f329fca-95db"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_2.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_2.jpg
https://dynamo.kiev.ua/static/img/fan-banner_2.jpg

39 KB
38 KB

121ms
120ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_2.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

3b02fb712038660f6a953365e718456dd14686dfa562df6d772fc9713e32db50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-9a39"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_2.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_3.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_3.jpg
https://dynamo.kiev.ua/static/img/fan-banner_3.jpg

21 KB
21 KB

164ms
162ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_3.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

484e048a19f2d1d120d469e566c755d51c4d5336b9c46d8b6527a24d86aa0295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: W/"5f329fcc-54e2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_3.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_4.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_4.jpg
https://dynamo.kiev.ua/static/img/fan-banner_4.jpg

29 KB
28 KB

165ms
165ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_4.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

07c7bb3189d22677dca36bd8990a1c71f5c2990752682ddb50cd50a1a525ccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:29 GMT
server: nginx
etag: W/"5f329fcd-75c2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_4.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_5.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_5.jpg
https://dynamo.kiev.ua/static/img/fan-banner_5.jpg

21 KB
20 KB

165ms
165ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_5.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

835e9fa3c02a45ec17bfafa1c1c56cc200ca10a89272db36b25147ca440311d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:26 GMT
server: nginx
etag: W/"5f329fca-5476"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_5.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_6.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_6.jpg
https://dynamo.kiev.ua/static/img/fan-banner_6.jpg

29 KB
27 KB

90ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_6.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d52e181f46fce3de01823cc23c23bad4016aba88ad12b4bba4841cfd12fad7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-7353"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_6.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

purse.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/purse.png
https://dynamo.kiev.ua/static/img/purse.png

1 KB
1 KB

89ms
89ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/purse.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d9c0c3e85c6295e5353777a2989538dba3911ed55b196cfe4e6681c90f85335c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-47b"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/purse.png
Non-Authoritative-Reason: HSTS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
49 KB 71ms
28ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H3ZT0JTLM0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

94b142b80dec36c8a2166357508386fc58ab78ce043d3553c0879f0bb01e54ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49425
x-xss-protection: 0
expires: Mon, 25 Oct 2021 13:55:02 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.364345464663663
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.364345464663663

423 B
909 B

43ms
43ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.364345464663663

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

de6aabd05e136b52786e1b8ece30d55262bf7c350dc629ae04b3c1c98fbec897

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 423
Expires: Sat, 24 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.364345464663663
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 24 Oct 2020 21:00:00 GMT

GET
H/1.1 204
No Content load Show response
z.cdn.trafficdok.com/ 0
408 B 73ms
17ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficdok.com/load?z=1681292205&div=42v7hpvfbgi&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=600&pl=3&mi=4&hc=4&n=1635170102396&url=dynamo.kiev.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&zyx=1667561117
Requested by: Host: cdn.trafficdok.com
URL: http://cdn.trafficdok.com/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:02 GMT
Cache-Control: no-cache, must-revalidate
Expires: -1
Server: nginx
Connection: keep-alive
P3P: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame D12E 637 B
533 B 43ms
13ms Document
text/html 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

server: nginx
date: Mon, 25 Oct 2021 13:55:02 GMT
content-type: text/html
last-modified: Thu, 07 Oct 2021 09:16:44 GMT
vary: Accept-Encoding
etag: W/"615ebafc-27d"
expires: Fri, 21 Oct 2022 09:20:49 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2021-10-20T09:20:49+00:00
x-id: fr5-up-gc15
content-encoding: gzip

GET
H/1.1 200
OK ae85f19996d2e523ddd7.b.js Show response
cdn.admixer.net/scripts3/ 23 KB
9 KB 66ms
66ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e97e4e1a626109cc68dd6c4d590bb9af6f32522664224e559e4f2e48d9c4da53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc31
Date: Mon, 25 Oct 2021 13:55:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:43 GMT
Server: nginx
ETag: W/"615ebafb-5d41"
Vary: Accept-Encoding
X-Cached-Since: 2021-10-20T09:21:01+00:00
Content-Type: application/javascript
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 21 Oct 2022 09:21:01 GMT

GET
H/1.1 200
OK 9104cf3e334749084111.b.js Show response
cdn.admixer.net/scripts3/ 93 KB
26 KB 30ms
14ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9ad91a116f1a4bd32e4f79b4b607917c945969016da101b858047ed383265be8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc15
Date: Mon, 25 Oct 2021 13:55:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:39 GMT
Server: nginx
ETag: W/"615ebaf7-17223"
Vary: Accept-Encoding
X-Cached-Since: 2021-10-20T09:21:11+00:00
Content-Type: application/javascript
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 21 Oct 2022 09:21:11 GMT

GET
H2

200

bg_mFooter.jpg
dynamo.kiev.ua/static/holding/footer2/img/
Redirect Chain

http://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg
https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg

8 KB
7 KB

51ms
51ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/holding/footer2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

7466c425ec745183e05ffd580822e2df7acb736e4b012888990a81ffe0de632d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:21 GMT
server: nginx
etag: W/"5f329fc5-217d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

logo.png
dynamo.kiev.ua/static/holding/footer2/img/
Redirect Chain

http://dynamo.kiev.ua/static/holding/footer2/img/logo.png
https://dynamo.kiev.ua/static/holding/footer2/img/logo.png

5 KB
5 KB

48ms
48ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/holding/footer2/img/logo.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/holding/footer2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

e59498ff950418bc1fd339aa191bafb81a74ec94d640c8b45940e44ee9051aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:21 GMT
server: nginx
etag: W/"5f329fc5-14c7"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/holding/footer2/img/logo.png
Non-Authoritative-Reason: HSTS

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

45 KB
17 KB

69ms
21ms

Script
text/javascript

142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 925
date: Mon, 25 Oct 2021 13:39:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17093
expires: Mon, 25 Oct 2021 15:39:37 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/all.js
https://connect.facebook.net/ru_RU/all.js

3 KB
2 KB

26ms
7ms

Script
application/x-javascript

185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

1d1a0068ad16d413dcbc737a35dad90b16507f38a3016b087861e209432051ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aIEK5dgmZqJ9wMAWcU0Weg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: d5lslWvN0eYqrMD48ZoGafrsIgPm1rnd2Ba9l4iT5fJfFjw3djDINosQwfy04F9zwjSiUykg2B1ResRppUhehQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 7aaa0fa7a8594c255e1d2f764a15b039
x-frame-options: DENY
date: Mon, 25 Oct 2021 13:55:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "81c194dc900efefcef397156cdcf381c"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 25 Oct 2021 13:55:11 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 204
No Content load Show response
z.cdn.trafficdok.com/ 0
176 B 18ms
17ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficdok.com/load?z=1825282040&div=fbkegx1sxoo&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=600&pl=3&mi=4&hc=4&n=1635170102396&url=dynamo.kiev.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&zyx=1667561117
Requested by: Host: cdn.trafficdok.com
URL: http://cdn.trafficdok.com/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:02 GMT
Cache-Control: no-cache, must-revalidate
Server: nginx
Connection: keep-alive
Expires: -1

POST
H2 204 collect
www.google-analytics.com/g/ 0
308 B 91ms
33ms Ping
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H3ZT0JTLM0&gtm=2oeak0&_p=2087562454&sr=1600x1200&ul=en-us&cid=697022990.1635170103&_s=1&dl=http%3A%2F%2Fdynamo.kiev.ua%2F&dt=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&sid=1635170102&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H3ZT0JTLM0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 6 KB
3 KB 1127ms
107ms Script
application/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8574113601281310&cpv=5a2f3e69-d3a4-baa5-2f6e-614db476e291&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%222bcf864e-65e6-df82-abc9-ddcb2f7bf7c2%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fdynamo.kiev.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227b13f1ff-2e26-9cf4-aa33-9bfebad1907d%22%2C%22tagid%22%3A%226f66d37e-5989-4e49-8e9b-1699cfca899d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_6f66d37e59894e498e9b1699cfca899d_zone_22896_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22e6f60fec-b40d-87d0-2199-f0e60c789933%22%2C%22tagid%22%3A%22f155fab6-1745-4c06-b9cd-46de4a227ea7%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_f155fab617454c06b9cd46de4a227ea7_zone_37796_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%225ca410e2-0e2a-02bd-e242-f161b12586ba%22%2C%22tagid%22%3A%2216f37bdc-0b5f-4235-ba65-d61a77e35e25%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_16f37bdc0b5f4235ba65d61a77e35e25_zone_37797_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%220e2cf6ba-3f3a-bb00-e011-31a2bc97f0c7%22%2C%22tagid%22%3A%221ee7e353-94de-4344-a59a-7f085b148644%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ee7e35394de4344a59a7f085b148644_zone_37800_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%225a8ea20c-63e2-590b-bf0c-b30c0a9229ac%22%2C%22tagid%22%3A%22ff94c55c-a4b6-4582-91b4-448c06e6549d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ff94c55ca4b6458291b4448c06e6549d_zone_37801_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%220d77e771-030f-3009-a58d-bd57b58ef426%22%2C%22tagid%22%3A%22371e73f5-9f85-4bf5-a811-87cda8e1dc6b%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_371e73f59f854bf5a81187cda8e1dc6b_zone_22897_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A6%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

6c402216f6e8befd5f528afb4c9b454e357a8845571cd32c483105dc8aef77e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 2257
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 46 KB
5 KB 1225ms
206ms Script
application/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8652105757050117&cpv=5a2f3e69-d3a4-baa5-2f6e-614db476e291&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2206606b3a-5641-17c8-acf1-a9f9bdfd5c8e%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fdynamo.kiev.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2290918303-e66e-df96-2eb7-e0b0a484e6d8%22%2C%22tagid%22%3A%22752e7067-2ab4-4356-a9a8-56143c99ee21%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_752e70672ab44356a9a856143c99ee21_zone_5382_sect_440_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%2223e57353-0266-390a-7681-a4ae13c2f0ce%22%2C%22tagid%22%3A%22296b5670-49a2-42b8-bf85-3d039da56b6a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_296b567049a242b8bf853d039da56b6a_zone_22898_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%2233e0e0ad-7d04-52ba-ce39-15016901abb4%22%2C%22tagid%22%3A%22ed65a398-e39c-4c65-8a6e-d40de05ef36a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ed65a398e39c4c658a6ed40de05ef36a_zone_22906_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22178c6161-9aa2-a5c8-c062-8c9aa78ccbfa%22%2C%22tagid%22%3A%225cb0175c-f2a1-4368-b48b-daa798038bd2%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_5cb0175cf2a14368b48bdaa798038bd2_zone_22895_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22e137830d-c0d5-070c-a597-5f08025e23cf%22%2C%22tagid%22%3A%228f65d4c9-bee6-4152-9a61-4400a5130b12%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_8f65d4c9bee641529a614400a5130b12_zone_22905_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%220acbef6d-0b77-0807-9c2b-873b3e383952%22%2C%22tagid%22%3A%2245b41efb-e90b-48c6-9279-355d175966f5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_45b41efbe90b48c69279355d175966f5_zone_22894_sect_6968_site_427%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22c60feec8-f86a-c600-37c3-f2136daa3744%22%2C%22tagid%22%3A%22348355ac-0bab-4840-80b7-d6e34e44e130%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_348355ac0bab484080b7d6e34e44e130_zone_22900_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22a40e51fc-0bb5-8584-fdf9-64a4f028180c%22%2C%22tagid%22%3A%228bbe821d-6929-4cad-8c60-6ae2360f3890%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_8bbe821d69294cad8c606ae2360f3890_zone_22902_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22b7128375-b05f-e1ee-bb22-b97876b84afb%22%2C%22tagid%22%3A%22822b2297-e3ec-45d7-ae43-6f9014855eec%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_822b2297e3ec45d7ae436f9014855eec_zone_22903_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%2277b84774-56b3-44af-63ec-b285de8375d7%22%2C%22tagid%22%3A%223165bf57-bd28-4874-a861-9403c76a3659%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_3165bf57bd284874a8619403c76a3659_zone_22904_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22083bfb6a-054c-19a7-2ee2-2447c611dfdb%22%2C%22tagid%22%3A%2296660d65-1922-4012-81dc-e9d2ea8db1b0%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_96660d651922401281dce9d2ea8db1b0_zone_22909_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22965cb6fd-68fb-9071-91c2-b2de17dbb7dd%22%2C%22tagid%22%3A%221bc8fc4d-620b-40ca-8e28-03ea36dc881d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1bc8fc4d620b40ca8e2803ea36dc881d_zone_22910_sect_6968_site_427%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A12%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c1b1cb3e418c03fbeee30fb3e5163b6ebe32907a96902a4d3ea74e32e62568c8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 5150
X-Xss-Protection: 0

GET
H3 200 all.js Show response
connect.facebook.net/ru_RU/ 271 KB
76 KB 18ms
9ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=2c19f6d79cbcc1a1d6774d50a23c4285

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

3e4a3fa6dce2b1b0b85742c7bff9112e2eb0e0c1e9f2b21eeb55cf0864dd232d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://dynamo.kiev.ua/
Origin: http://dynamo.kiev.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pKvbk7byyg5kwv4UoPIZVA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78078
x-fb-rlafr: 0
x-fb-debug: 3vMbVQkuFDypoHX081s8qsqetk4ikvfTN7DrTvARsZLWiFhOpblc1jdZxyuBz5aF/953ie8tdMyB6EB6OHloaA==
x-fb-content-md5: 36f860510260f98d49693bfa3a415641
x-frame-options: DENY
date: Mon, 25 Oct 2021 13:55:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0f6893f7a6ea17ce20330c89ccfa0c18"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 25 Oct 2022 12:59:52 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1762581420&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&ut...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1762581420&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&u...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=697022990.1635170103&jid=1302296740&_v=5.7.2dc&z=1762581420
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=697022990.1635170103&jid=1302296740&_v=5.7.2dc&z=1762581420&slf_rd=1&random=3859678236

42 B
472 B

99ms
45ms

Image
image/gif

142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=697022990.1635170103&jid=1302296740&_v=5.7.2dc&z=1762581420&slf_rd=1&random=3859678236

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=697022990.1635170103&jid=1302296740&_v=5.7.2dc&z=1762581420&slf_rd=1&random=3859678236
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 62ms
46ms Fetch
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=126265284105784&input_token&origin=1&redirect_uri=http%3A%2F%2Fdynamo.kiev.ua%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=2c19f6d79cbcc1a1d6774d50a23c4285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3W2Miw4WEBRToM4FDDN8WC8flRKM6hujUZCV2U+ljTjDVbNTwitN3H/wBdJ5F9g1k6NuUNkRUjXSG6YsTHUsqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Mon, 25 Oct 2021 13:55:03 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 366ee700b9c746906336.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
12 KB 14ms
13ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/366ee700b9c746906336.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a941be2318d79441ad1a966e6720e8129624611ee13198f78f7c2e59dbb2668b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc15
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:33 GMT
Server: nginx
ETag: W/"615ebaf1-702f"
Vary: Accept-Encoding
X-Cached-Since: 2021-10-20T09:21:17+00:00
Content-Type: application/javascript
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 21 Oct 2022 09:21:17 GMT

GET
H/1.1 200
OK 96e75df30cb0c2960782.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
19 KB 15ms
14ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/96e75df30cb0c2960782.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ea3b3fccc80ec2367900c7b7fff7162a7ba2bff793b31df137ac8bfe1826a7e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc31
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:40 GMT
Server: nginx
ETag: W/"615ebaf8-a793"
Vary: Accept-Encoding
X-Cached-Since: 2021-10-20T09:22:39+00:00
Content-Type: application/javascript
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 21 Oct 2022 09:22:39 GMT

GET
H/1.1 200
OK d7a232625e8b46740f32.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 30ms
17ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/d7a232625e8b46740f32.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f71a2212eabcd2e75afe61c0fb04dd593b8ffdf48989c40877c30d7fdd54f25a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc31
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:47 GMT
Server: nginx
ETag: W/"615ebaff-326c"
Vary: Accept-Encoding
X-Cached-Since: 2021-10-20T09:22:39+00:00
Content-Type: application/javascript
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 21 Oct 2022 09:22:39 GMT

GET
H/1.1 200
OK c5269cdd87d00faac127.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 17ms
16ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/c5269cdd87d00faac127.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 28333d75fe86f4d034f512efaea2e39f21f33e4cd8385ed715f931e16236821b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc31
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:45 GMT
Server: nginx
ETag: W/"615ebafd-2a79"
Vary: Accept-Encoding
X-Cached-Since: 2021-10-20T09:25:41+00:00
Content-Type: application/javascript
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 21 Oct 2022 09:25:41 GMT

GET
H/1.1 200
OK 4bd34523d2ac343e0d5c.b.js Show response
cdn.admixer.net/scripts3/ 214 KB
74 KB 15ms
15ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/4bd34523d2ac343e0d5c.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9738a0d5d5b16f3c05a2c0fdc11b4f71f8205343c8c338c34d406e3e4b9494fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-ID: fr5-up-gc15
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:16:35 GMT
Server: nginx
ETag: W/"615ebaf3-35936"
Vary: Accept-Encoding
X-Cached-Since: 2021-10-20T09:21:39+00:00
Content-Type: application/javascript
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 21 Oct 2022 09:21:39 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 88ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

14ms
14ms

Image
image/gif

185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:04 GMT, Mon, 25 Oct 2021 13:55:04 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Mon, 25 Oct 2021 13:55:04 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 59ms
18ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=897932f046674eef8555562ad3eaa2e1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=897932f046674eef8555562ad3eaa2e1&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=897932f046674eef8555562ad3eaa2e1&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f0e080ee-e29e-4237-a93e-dbcc0f2bb556&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=e19b13ac-75f9-465a-bf4b-93527a1f5e63&gdpr=&consent=&gdpr_pd=

43 B
463 B

14ms
13ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=e19b13ac-75f9-465a-bf4b-93527a1f5e63&gdpr=&consent=&gdpr_pd=

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=e19b13ac-75f9-465a-bf4b-93527a1f5e63&gdpr=&consent=&gdpr_pd=
Date: Mon, 25 Oct 2021 13:55:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEO5GN5NBIGaiH2IO1vxY-sM&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1

35 B
351 B

13ms
13ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4586997668
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AH5b-C4Rezhs-lORtDgciCw

43 B
463 B

69ms
69ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AH5b-C4Rezhs-lORtDgciCw

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:04 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AH5b-C4Rezhs-lORtDgciCw
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ODk3OTMyZjA0NjY3NGVlZjg1NTU1NjJhZDNlYWEyZTE=&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ODk3OTMyZjA0NjY3NGVlZjg1NTU1NjJhZDNlYWEyZTE=&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEBSKi9dYosxXWW8xhM7jjZ4&google_cver=1

43 B
463 B

7ms
7ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEBSKi9dYosxXWW8xhM7jjZ4&google_cver=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEBSKi9dYosxXWW8xhM7jjZ4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pic.gif
pa.tns-ua.com/bug/
Redirect Chain

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=897932f046674eef8555562ad3eaa2e1
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z63EFA3DB4C344E2938A4D142879ECC2&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=897932f046674eef8555562ad3eaa2e1

56 B
174 B

48ms
47ms

Image
image/gif

194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z63EFA3DB4C344E2938A4D142879ECC2&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=897932f046674eef8555562ad3eaa2e1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.13.0
content-type: image/gif
expires: -1

Redirect headers

location: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z63EFA3DB4C344E2938A4D142879ECC2&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=897932f046674eef8555562ad3eaa2e1
date: Mon, 25 Oct 2021 13:55:04 GMT
cache-control: no-cache
server: nginx/1.13.0
content-length: 0
expires: -1

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ODk3OTMyZjA0NjY3NGVlZjg1NTU1NjJhZDNlYWEyZTE=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEPWukkOH45SyNf4IK6RH650&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1

35 B
351 B

30ms
30ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=897932f046674eef8555562ad3eaa2e1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=f2b052b9-b31b-512a-883b-5d47e94dea7f

43 B
463 B

11ms
11ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=f2b052b9-b31b-512a-883b-5d47e94dea7f

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=f2b052b9-b31b-512a-883b-5d47e94dea7f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 67ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

c26f85b1b1e6e038f57a3d279af55d9a11da30f2c00145eb1306711bf83c02f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1023 / 80 of 1000 / last-modified: 1635159844"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27158
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 8ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=027b3441-dc2b-4286-bbdf-4e3ba28a3c05&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=6%2C1%2C491&ts=637707669039139886&ap=MA%3D%3D&asign=762572271&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=ab7577b8-7b42-476c-88c0-3dcec4293c4e&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 8ms
7ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&rule=F65818D0-964B-48DC-8DB7-9739FCA90279&requestId=027b3441-dc2b-4286-bbdf-4e3ba28a3c05&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=ab7577b8-7b42-476c-88c0-3dcec4293c4e&inst=ADS-EU-6&ts=637707669039139886&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 17ms
17ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 15ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 17ms
16ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 15ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 24ms
24ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_766786&url=http%3A%2F%2Fdynamo.kiev.ua%2F
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_766786&url=http%3A%2F%2Fdynamo.kiev.ua%2F

28 B
555 B

19ms
19ms

Script
text/javascript

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_766786&url=http%3A%2F%2Fdynamo.kiev.ua%2F

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fa32821ae212517f6eb39130dee267c7279ec94f30a8c2ef52f4b1f1b4d32dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 149
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:04 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_766786&url=http%3A%2F%2Fdynamo.kiev.ua%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 23ms
21ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 23ms
22ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 21ms
21ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 21ms
21ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 21ms
21ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 21ms
21ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Mon, 25 Oct 2021 13:55:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 cm-notify
creativecdn.com/ 42 B
243 B 13ms
13ms Image
image/gif 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:04 GMT, Mon, 25 Oct 2021 13:55:04 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 12ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=96660D65-1922-4012-81DC-E9D2EA8DB1B0&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=75513e10-72cd-432d-820c-26403d6a9269&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=-1539631386&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 084E 113 KB
40 KB 60ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

HTTP/1.1

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b131516083f6add1652d6ebb5cf97196be310495af826c8e918dc097cad30e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12541832618533224018
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40580
X-XSS-Protection: 0
Expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 12ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=822B2297-E3EC-45D7-AE43-6F9014855EEC&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=aa68240f-64fa-4422-b0de-00afcfe2f159&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=-63103509&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 10ms
8ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=822B2297-E3EC-45D7-AE43-6F9014855EEC&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=aa68240f-64fa-4422-b0de-00afcfe2f159&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 19ms
9ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=1BC8FC4D-620B-40CA-8E28-03EA36DC881D&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=9e36e99f-6449-493d-8392-41b62a65c5fa&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=1556809380&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DC7C 112 KB
40 KB 69ms
45ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

HTTP/1.1

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5b40bae8c776c1e04725288629df01f1691ad19508cae6fa893d827228012d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8034027600894370548
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40413
X-XSS-Protection: 0
Expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 17ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=3165BF57-BD28-4874-A861-9403C76A3659&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=d08b146b-486c-402d-8867-8f3fab2dddba&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=1406951837&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 18ms
7ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=3165BF57-BD28-4874-A861-9403C76A3659&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=d08b146b-486c-402d-8867-8f3fab2dddba&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 12ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=8F65D4C9-BEE6-4152-9A61-4400A5130B12&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=5328a35c-a59f-44e8-815c-3d6f9e9ad45c&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=-266539103&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F2A6 112 KB
40 KB 68ms
45ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

HTTP/1.1

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5b40bae8c776c1e04725288629df01f1691ad19508cae6fa893d827228012d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8034027600894370548
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40413
X-XSS-Protection: 0
Expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 16ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=8BBE821D-6929-4CAD-8C60-6AE2360F3890&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=bf86374d-9738-4a0f-9e38-07b23636f77a&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=-1288812196&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 16ms
8ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=8BBE821D-6929-4CAD-8C60-6AE2360F3890&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=bf86374d-9738-4a0f-9e38-07b23636f77a&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 9ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=348355AC-0BAB-4840-80B7-D6E34E44E130&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=bb82f6ad-585e-418d-9466-da9c3a9857b6&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C490%2C5&ts=637707669039410148&ap=MA%3D%3D&asign=-1537621547&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6795 112 KB
40 KB 64ms
43ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

HTTP/1.1

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cbdcf9656492aabbcd71c91161347ec13a8746eca540028f0d1ed9f67a6a0c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12437458395872640063
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40454
X-XSS-Protection: 0
Expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 10ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=32807cd0-371e-4036-9392-7e6fa9904f12&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=490%2C5%2C1&ts=637707669039410148&ap=MA%3D%3D&asign=-1345063848&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 15ms
8ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=32807cd0-371e-4036-9392-7e6fa9904f12&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 14ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=ED65A398-E39C-4C65-8A6E-D40DE05EF36A&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=cadfa8a8-6f16-45f5-b4fc-dba137141df1&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=-1002046200&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame D104 112 KB
40 KB 63ms
43ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/9104cf3e334749084111.b.js

Protocol

HTTP/1.1

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4edf6d051c3410c21f5ecc4f7ab6096da9e2eefa4fa0ac7528645e4a0605d2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7586162753123203082
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40454
X-XSS-Protection: 0
Expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 10ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=45B41EFB-E90B-48C6-9279-355D175966F5&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=18656807-284b-4004-809a-ce6dfff552af&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=490%2C5%2C1&ts=637707669039410148&ap=MA%3D%3D&asign=719674669&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 9ms
7ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=45B41EFB-E90B-48C6-9279-355D175966F5&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=18656807-284b-4004-809a-ce6dfff552af&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 16ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=296B5670-49A2-42B8-BF85-3D039DA56B6A&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=5a458de4-2285-4bf7-98bc-ac5e02444a68&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=-2005381662&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 15ms
8ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=296B5670-49A2-42B8-BF85-3D039DA56B6A&rule=8056BFE3-20E9-4468-AEB2-D0CA3D97D64E&requestId=5a458de4-2285-4bf7-98bc-ac5e02444a68&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame 084E 270 KB
97 KB 146ms
89ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua&bust=31063253

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 99003
x-xss-protection: 0
server: cafe
etag: 2748601908783812869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/ Frame DC7C 271 KB
97 KB 142ms
96ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ebc9499a1fa1277f95c8184e0fbd2260f08cdd5a45e190d93e9f1de44cc2d35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 99042
x-xss-protection: 0
server: cafe
etag: 12327076470136874193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/ Frame F2A6 271 KB
97 KB 199ms
154ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ebc9499a1fa1277f95c8184e0fbd2260f08cdd5a45e190d93e9f1de44cc2d35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 99042
x-xss-protection: 0
server: cafe
etag: 12327076470136874193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/ Frame 6795 270 KB
97 KB 167ms
122ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua&bust=31063230

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a5f5f57fc02aee76f46835608dbc7438b3085c75dba304ceff2b689f851cf57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 98903
x-xss-protection: 0
server: cafe
etag: 4274567246609261928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/ Frame D104 270 KB
97 KB 93ms
50ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua&bust=31063252

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a5f5f57fc02aee76f46835608dbc7438b3085c75dba304ceff2b689f851cf57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 98903
x-xss-protection: 0
server: cafe
etag: 4274567246609261928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 44ms
23ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 135 B
127 B 47ms
25ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dynamo.kiev.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

5226a529164833ab6cf62464280e3f67bcd14948cbf37ce3fc3c165780163d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 102
x-xss-protection: 0
expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 8ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&zone=348355AC-0BAB-4840-80B7-D6E34E44E130&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=bb82f6ad-585e-418d-9466-da9c3a9857b6&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=5%2C1%2C490&ts=637707669039410148&ap=MA%3D%3D&asign=-1537621547&sync=88%2C3&bt=3&carr=Sugarsync&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&ip=216.131.111.46&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&adv=Adform&dsp=Adform&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 8ms
7ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=4&zone=348355AC-0BAB-4840-80B7-D6E34E44E130&rule=C6004C05-3D56-418F-B7BC-DAF1845CC5AD&requestId=bb82f6ad-585e-418d-9466-da9c3a9857b6&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 83ms
32ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 81ms
30ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 435ms
435ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2929074480032121&correlator=2796662385703873&output=ldjh&impl=fif&eid=31062392%2C31062525&vrg=2021101201&ptt=17&sc=0&sfv=1-0-38&ecs=20211025&iu_parts=29636627%3A146704994%2Cdynamo.kiev.ua_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1635170104&dt=1635170104652&dlt=1635170101954&idt=2667&frm=20&biw=1600&bih=1200&oid=2&adxs=215&adys=2816&adks=3010669371&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fdynamo.kiev.ua%2F&vis=1&scr_x=0&scr_y=0&psz=370x250&msz=300x-1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=2087562454&ga_fc=true&fws=4&ohw=370&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

d7aa3e1561a21f8f99bd2d40785d7dbeee3f050bb44b8342c6e909d18c7e040f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10249
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 1047ms
1047ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2929074480032121&correlator=2796662385703873&output=ldjh&impl=fif&eid=31062392%2C31062525&vrg=2021101201&ptt=17&sc=0&sfv=1-0-38&ecs=20211025&iu_parts=29636627%3A146704994%2Cdynamo.kiev.ua_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1635170104&dt=1635170104656&dlt=1635170101954&idt=2667&frm=20&biw=1600&bih=1200&oid=2&adxs=1015&adys=289&adks=1930077042&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fdynamo.kiev.ua%2F&vis=1&scr_x=0&scr_y=0&psz=370x250&msz=300x-1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=2087562454&ga_fc=true&fws=4&ohw=370&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

83ba1f49c61036d6b8028301b5e4023a299549c6c5bb0c6d4f9e4140d465cc4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8916
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
25 KB 734ms
733ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2929074480032121&correlator=2796662385703873&output=ldjh&impl=fif&eid=31062392%2C31062525&vrg=2021101201&ptt=17&sc=0&sfv=1-0-38&ecs=20211025&iu_parts=29636627%3A146704994%2Cdynamo.kiev.ua_300x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie_enabled=1&bc=23&abxe=1&lmt=1635170104&dt=1635170104658&dlt=1635170101954&idt=2667&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=4058&adks=4290252013&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fdynamo.kiev.ua%2F&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=2087562454&ga_fc=true&fws=4&ohw=300&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

304bf27e3ade28a2a0e185af38207424f955d28b492d4a075880c2650cf93181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25227
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 323F 6 KB
4 KB 142ms
31ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 25 Oct 2021 13:55:04 GMT
expires: Tue, 25 Oct 2022 13:55:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 084E 204 B
438 B 24ms
23ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua&bust=31063253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

0f4a337fc20b1390ca9f9932b7b1e45f7ad5d9bc662bf3af1fb976da8af57add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 192
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 084E 107 B
122 B 61ms
33ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 084E 107 B
122 B 89ms
41ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36B3 18 KB
11 KB 371ms
316ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

280941f8912fe8c12e288307a8db7bc730d10c577d5763714d6ed45e7a16ad53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
content-length: 10434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D104 204 B
217 B 22ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua&bust=31063252

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

41ded75ee2cd874c25ec69f5ad647e70a72b64bc3410e8cd1db0defae80610a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 195
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D104 107 B
122 B 47ms
43ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D104 107 B
122 B 73ms
50ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98F0 16 KB
9 KB 413ms
383ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

038580107665e4d625bc27de975c1688f4526d301911fc3fb40accf68b23ecf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
content-length: 9000
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 6795 204 B
217 B 22ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

8192743a6829627dcc179c2440ed7a31b0b890d9a837862e8df7fb18ee8e7d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 195
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6795 107 B
122 B 35ms
34ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6795 107 B
122 B 33ms
32ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5E1 74 KB
25 KB 379ms
374ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a1561c6f5591ad7e9d5fb7e18a4ee871f96b1f619dd6223f89f97bf6d9fdd11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
content-length: 25344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DC7C 204 B
216 B 22ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

4c48ad4b5d1aea69ebb7598b4deac9ea19943c062d591384893dbd4ba62a9fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 194
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame DC7C 107 B
122 B 32ms
32ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DC7C 107 B
122 B 33ms
33ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F840 17 KB
9 KB 301ms
301ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4ca63247348f03097f90ebadd1e8ee0d12f58b5025e9556d775bbbc5831ca7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
content-length: 9540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F2A6 204 B
214 B 22ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

31fc7315c1163783eb1845551b989c6d8d04d89e3f97eebc68f041442c3d21a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 192
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame F2A6 107 B
122 B 33ms
33ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F2A6 107 B
122 B 33ms
33ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D32 17 KB
10 KB 295ms
295ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f047a9a5ca8bd3fe966db9c0ea77e9a6f88b01f2459a4de20c68197acf8fa2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
content-length: 9957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC46 6 KB
3 KB 49ms
21ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 25 Oct 2021 13:55:04 GMT
expires: Tue, 25 Oct 2022 13:55:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 9ms
8ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=9&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&rule=F65818D0-964B-48DC-8DB7-9739FCA90279&requestId=027b3441-dc2b-4286-bbdf-4e3ba28a3c05&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=ab7577b8-7b42-476c-88c0-3dcec4293c4e&inst=ADS-EU-6&ts=637707669039139886&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 36B3 42 B
63 B 87ms
56ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBp0IgnJcgq_07lw-DXeimyfzDq-us0d_rflxACfJ8bwDYa3pOHsnsfeFZxhQGi8OLpf5oKqrH0rNtn90G9982B29TiNGfuXs38ciGIvZvHeGB0NE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 36B3 3 KB
1 KB 124ms
66ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36B3 120 KB
37 KB 490ms
428ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 36B3 14 KB
6 KB 108ms
50ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 36B3 0
0 92ms
35ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlhoSk42u4oYTnpdRGt9KWmTyAoGgCojOgmVW2IuExDfDFtl8UP3cW7kWp2JUiPlZIZUqm8bBsm23ai5YEG7mEnicrmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 17F5 624 B
297 B 65ms
34ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVAyb4r0rL9gMJHTQXwZTCT3qfVhM9ElwVI1f7wVJWWPjB5TFS3JsCncBx87LlenBRpK6Vduh3y4UcnIz8LVqADlrySiWRVa9GeNwX47SAzLK-18Ge5e2yVXhUbo54ZCRdKPgBHIPcFYrnnlTagc0f7uOT_1hZZg7UPtCvLVqJsqdFMhFY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVAyb4r0rL9gMJHTQXwZTCT3qfVhM9ElwVI1f7wVJWWPjB5TFS3JsCncBx87LlenBRpK6Vduh3y4UcnIz8LVqADlrySiWRVa9GeNwX47SAzLK-18Ge5e2yVXhUbo54ZCRdKPgBHIPcFYrnnlTagc0f7uOT_1hZZg7UPtCvLVqJsqdFMhFY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 36B3 25 KB
13 KB 85ms
55ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUoerhECu_KU5v6StB1aF19MOqcpW70o4NtyhU4W9kwMcScMFa3_JQFLtp2mhXAwhYslgeqnHw0nwvqKeCPjWlrbsqKc2ybcD9nW0Tbjit1d6Tx2i3AIdFxuXDf9J7sSYszk6fUJIvRm8bPjlzabF_3PGhhQ&cry=1&dbm_d=AKAmf-BmK1O0HS3GkjKpsJTs6LdOZSqKlF1ZVRkbyL4IMbiL55Aj7nhsl5iGvqXuJT0XDrT2F6eGJ_R3AT0Kv0bNkFE11AD4LG7XH-qY6Fxq3HvmlN3VO-J7PdNM2XSaAqbVKmC1cYXCL5wqjU9f2b289XRNxILh9nqy4t06ogT0kmzpglRNZJsEztexC1c6Wp9pQWBCShppP_BO96Ml-vu6wswmxanomMsVbtk-pG3s-l773iKyLER5x6GiAXbU2wuALSllt9QGrO1L6wAfpjeLxSbtsBxH5K-Nqbfil9kj1eeSblStcnx1lJhmdxS3ZoUIuT510asLegY7zIoYR9TAznZMP0bwvfmiM0-j6Q5Udb2X3KdkuHuSEkMiOjIeLAhOISOJmemNKJBGcKqQ1I3JVHL0rfOrf1VxrJ3vTdDeWRC2R8VeDQZjjT89MMZUQ_TDNuoYuKc0Hyy6CaxUk-5qoARd9WRlbg3M6M_S6zH3vQLe88imtN_Tj88evMpfJWDtAkuMIz2RTnG-UxprZPFj7wEbSYaljYwr4UsytDUSJ8fW55tHRc8lNAd1YIC_znHo_4mPDM4mg6H6hsw8MVSAFWeO0ePI5AdwpHNUH7R_3V46iwiBMM_jnM2PE9CpZQuBiJfOV9NPq777kYGwgCkXElMtIGbK3klUem4tbPn-7X9LvuefF12_uJs-JDytoxipCcqC_LBr14lzEQAJKVOayxYse5RCvMJlqVtXSRJr1Cx6cjLq6LcerS_sQ9e-Eqomk2isqXpWyhbD4MuB5XPYOt9Fs876-AV_plXDvu-Vc81O99rTTYwRXy5M7j2WTovJwFuMKbZnaGgB0-Xm28KAdpaYZ1Xvo-uQD3I-b3UqqEKnRGCcI06buiqOKQt084gc70ZtvUhaQkz4-is3kvkYmYGQiKXq6WU2hirlVDCDXjlaJO6onfQgIrAg8wkK48IzHMTij0YmJasSsYKSYzbHKjVlywWpSPXkxOkac2ukvfIoXBjSr3MVv09r2ar-dSa5EkbsFiHx7lwdFSKpphA6gg_f39gzMVJHBVZfCD12rBCUrw5iVePCq2nX-lnY5MYfxMagVpxVlbgLHtAL2djIHmuWuE5y-KHKt273_Qi4VLIqq3NmAO4mWXtNR9e-JcG8MMolmndGqjpOW_jUG5F6cD8_2N92iyMHAuQdCKp0tiVjLRgNZa_jkocuzuBSzgmz3HQ_5_YbEMiIxP0-n4g72vMUk0Qp8iw9klCQnkfpsXg5xqKPidKT5pU3FwhPpEWEzgIsBU05I9c4T_HQaZ_QEsb7di7SdO_L-M_uAHcyEPG9qHyZ8jd8BUi5AuKscDP59X_Vr9cc3IAu3YvyE2ObG8gfrILB6cczLPUv3qaJXBr_D_6qFrkg-HltcQlpNW1ooW9OCm9NcQiJwLl4kP-Z7ye3I9AdPepHRazyUxOAFAgBwIR31FNHNt6ycJpE2zp_ytN1KKYoOjDKDiRLbkDbbQLKuHsMMlbm8Xmke5Y4GML4bAVTLuH4faE3vqaT8yfYJjOKwgUBl4D7dP-OBHDLb9x_bquFPCF1O60KIpH9W64EOp7wWujJq4GMBkQVW8L2m37jeys805ljHTSML4WR1GL-EPsBkUNVACCnNMt-aTinUX492KGGoyrSJIlKkwnNdVpeSjGxKVPi-5w82vr9zxHejZ-8onsfRxqOVhkpKTZS9fzXbJQQ46tYB6ceAA_wpMwH5VB4gMV8dg8jBaXs3MVqaaf0YUtfXxgvhqFF9014he9truSKuNkjzljpDAwdSuF6cxUgE8wPBPgbxurPDhe2dMrC7i1K-bbpK-Cd2VHpcqKrTfmcmdaCMZUsmXdeqogYOioG6aOdMCymrWZDG_qBPH6C6MZYPLxMseNUZD0DBVHMiGNPbGhDuElKDEL8-8LrJM_AaxTWxpxBk-PH5SiLnw4TvU68e9K2BeTYZHcbr3OtHN3n75EpYHkh_OJIcBvtcwuf1JoJGWXrnsuWK_ch2LjO8ldMNj2q-4iqAneceNpnJxG3bDygHS2FfvTtAfxb65EThtwhXoj1YqrbRTfpvHmbGG8227HRPVzC53FBE0353PUtEx_bt6ZN8mM1wbfpcrMpsGcvmxh9mQ0UAzNJ37fmE_c5iV9f-pBbdT6CsuVwGgwpD0bpTSf6Zem_LJ01KM__JbOofISHC9dDDHIY8QLBJemFm78R_N1gmw9y470ugvFgJqGxxzjEEdl3X4tVdoKJdL6PDR1lp3aemtxjJsLiz23F1aM7qQ45cNH1IO7lB1VyzX811d4qi1RKHogIvrRa7vo-1SpisyFKCAXpzxqec0d6mRgr4bAlFJ_d4Q0lMF1HyqnZ8Elmo5h_G78fabyjVP_6Xs1Aq16xdYK-3JrEAcTMSZ2zpjUVCPQL-wqTp4HUjfGBFVjglCRVPedMP82EzUM2wCZAveHcB75IMagcyKuXEzsR7ZvTeSbEfpnD8Xm9nNCm2i963wrdis0knWBM_0rfQ84S2CGtSHdTEloQEbx_UQ6TV8msOjnAdifKOvYkT6wIpVAk9efzvaHI_JsKj7ZXPKIOubC5QQDmOzVbYPQH3y--2fpJ9hZS_cuJ4rvYF3wtXRL4Pe1GmkfyqXDxz5ng8VSatdJeNBG5LMY7FyDXEJuakqFxzBuMyTfI1s4K5OTfZeF11ik1kESD9y27WXIuiQd9NYWS6BnnHAb7Toa9fodUF02TjfUXpnMURTYqtxQsA4iWGnVgo0ddp7KE6UChJrQn9O9wZzQEez1OhCf64PQ1TqSUKsYoWMgP468P6XdZSNYpQsP4mDVnDn-Zlgnkc70mK_kBCEqPcDpk6eCsPMO36r-Erqy83uN7ufsBwmWbsJMXTsdvzvuF0uuVuWfi_ueE3Oer5--NydJWX7e3PjBpyW72MnJy6CMu7o6nvJnyTqgQNB_mopXGx7grstgQ7261nD_0MYJD5LXwf_k4Rycdw_FB0tNzY6wVTv9DbfnMT3QpWlSi2MmMHtX4OQmWnNA7TPDPeqYyicDkT2StM4qH5CVy936ac8Or8_R8s-meouGJI2twJjbqiEpgUlUNGLIizDuK7pTdboYGFk5vLGRjHbmrSrhBh38YzZrgEPMCS3Dd4rE5qVXiRec6q_kLA33-e2tJftYbfpJOB59OyUwJobZfpA4YonS6ELZ5mDa7SYy3rh5BpLEYGZDQxZNyE2H0-EJD9QjrBHrZVeg0f2PVwoHGZu_ThMqf3AHr3VpeST_KBCuN5LFFfU-hbvrmH42msLYqvf9Ooi-RX5_mp9cCA_nVvSlFR0K8yCXAAVRAHD230IO3Q4hmTRwfxYMfi2uU-zI6-3M1wF0MsxU_hN5FTFDAcv5qte5kpN1JmW113a-bgO0VLmJWZWzB&cid=CAASEuRozINt6T4nBMVO3GxR6WAOiQ&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c3336b531b43df9766a9f6c8fabc32760041092f1314e62fe73cd43a555b2a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F840 42 B
63 B 84ms
57ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhT1sbCk5LGJgT_AyzSv6K2WBXZymDi8583LeTGtJYAnmNFX83S22u4yfwlSwXFeZGg4hP6j8VLv-K4tTYls8bRXNLlZCzMx9T3WUHiL2aOECpaWU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7FD6 624 B
297 B 62ms
35ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXewEnMtG7KX6jixnmL2cS6H9a8fC0bL0pyJPtUNfYjviQ4puPqPjPfAbryRTNLbMetbCzm4cH14Kng7cRLoKpuyaK2udiKp7kDPfAOipSQKJumAo2PMNVXY2Zg3gstJ05us4nDyZIvhD71VMB-7ycKWcYoHtiVQg9eeqC0-bDQq9RL5WI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXewEnMtG7KX6jixnmL2cS6H9a8fC0bL0pyJPtUNfYjviQ4puPqPjPfAbryRTNLbMetbCzm4cH14Kng7cRLoKpuyaK2udiKp7kDPfAOipSQKJumAo2PMNVXY2Zg3gstJ05us4nDyZIvhD71VMB-7ycKWcYoHtiVQg9eeqC0-bDQq9RL5WI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F840 25 KB
13 KB 109ms
82ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvOyhagneLLS8wyJnufdk6pOCv8p5_lpnQOGfH_Q3GevK5IASg2vKbGczDco-1Lmk_8GgI2dHQ7cAMgAikbRgczmgMPwzIWI_0NwhTc9jCYiIkjgev9Xt71juFxRfDT5ZyKMi9zyZWrjvjdU-p4gJIYjzi2w&cry=1&dbm_d=AKAmf-BKwcBmwEhHaYqB9hGMtey83Mbm8OrnM-7UpfS7y42FSVrpVBgUAHyjr8JEHimni2_1Wbbvj8YEA1QlhtPAcj6PRC95poz_0wxbwJkTfoaMIufk3abxAtaB40nFaG1TXRI43QmOF73Cik8tGMzGpf5Fwp9r0VmLZ8rGbnpPnWIh1gBfib-Q4B4gVGW-kgS3YVgh5MfxX1uWNKiegGGfKvjvXcpQ-i19tfML27ZiEN4WRy4embiYkLo_QjUmcpFnjLreRXTPZoIpsEeTGP5EbFlgY84MiPPGw6RVR7tE8wTnud-nAFcmR-5RNUA-7OzPJE-9RtFPWB1nX73VDPX__V6pfen3AYeAFKWVKrLZ4Ev3UmHWWkW6bwsRw0SFU-TZv8yawF9PJmRCnt_b6qjTfGU_jwLGosrLa81zNBwHj8NLrpAsLNDR90EAzRg83eH_wSxA2A_tA_elrPA0MubXfnAWgqkIc9rlS8N9-o1sZw-lKM3kArduMTABhMFT34Y3Uh2SpOMoEHmdRNLSU1m7cM2BjZWImu_KRH1NKMEeXDGWvWTVqc12VmFUTXGjqcKxQY25PCC0ZmM0MbDyq6czuKZrZa5sWD4drehGEuuLcIJ0dj_fjDqM-b0507BxnYJiZqqBjESVayf8kj8dthcjBzkCLp1pHxkCdHc7JTqzDDULrbCiuvu0UGJMCVmEapucZQyoPiFr13Cn1Jt6-j8xRz2OkmNiZyjv7RnJ1F_H_91nL_Z1tXePd4AZZQEq56k32Bg_htiYZxx5NxqBwfo2zwZxVMBKlYtGTSxH_9qZAICD94v_VJ1HkUHFuZbjs5AwqSPNZPQHH2QVbmGAykn5HvYPUTyh2pM2U5kWyEb_IrvNIo_F7dPEp9tHbLM_QEtM6TpqT7Q9DSS_wlVwyy2KEg_HL3MT5WlOQRIH4d_rNZlq9XjPqnE52QeFNV1L7FGjZarp4Y2DEMbG0cHgPlfh7DlgRALui-a0kCLkzqo-g1oPlO0n7E0U2J5g-36_ibouVbiXP16CwhW2TXQfu-11kDwq3mbgQwH_kr_W3PKBqoJkSrcSdZGn-RKKx9yxLzhVS4BzclTTfvnv3Swn6xNH5-vBwlO5a6dv_GV_Ud4ad6mxgmcNsAQNYjesfFgpBULm2q6kGm9r4zWfWd6K0cOL5buUHxX4unQIyNcMII9RxlSFqmMVD-I88Sgmf55fLAkyAXe4aF5tKtLUlb6WnmTR1PpF4UqWsKOo4hb4oxt7YpM_jnC2O_FdYYGpBAnBY4sbLf0fYXKqA1ZIZBdT_rabxZVmWAYqZnb7BtnfFhyEjRf5--nBWfvD0RnJEmLq75J1vJN1oGVwY4K07zbMLaXYAWjiNHHiFp7ishoSbeR4HmXYbUkxYjBeXKkV03Rx6ux8HBMtSVyENZ6cZF8ZNqFEf4XJT0jbyZycNzAQihnElyA88si8V8dLSx3w0i7a9iUZ6a-FUc6x5qIApGYZ6R7id149qRqRQI-URZgoBgkZ1gVfMoqIkBVfBDXbd6av31Ci5gFY9jzENajj7KGgWbQd1kDWi5Dwii5NYZTt_oJkdZGYWodbIpWLWg7AbqeWX-rkv_JJsCkZ89c5mEX6uFR0DuN4kiLx8F-i9vN7F9k-VnpPsqoF-c21zn1_N6Yf1K0qOnHuE9E1m1Mmt5d5iv1LCPQzWAgaykftKYPrCWYtYq2IlxhP3HB1RAgX3DaFgBoPtP5lC5PynyRwNDNs6c5Uo37qSt6nqCxBa-fyrQlScjvKVk9NPBcu7Qd33JjTVHlNagiF5UO9K6NtuUWwyXKr9zwkSmETxSvHSw1v4hwAfEfV9YrYG8IJu4-Expa3bFrMBiLCJXcSLN5tG9DHq8OJT17RkeDZqmfGZOE-F6DAulleKyvbgXLJBVKxFhfWz-r1Tjz8TBLz_cOUqrQJF4MAb-tnm4EvFBzBEysKD5I9qZ4LkMaqfS6Jun5dnV-EPHBar00_XEBpMw4aVJeHsczjGLmgo7MWKZaLGoAiCiijTeY0RxkEgtL-Anp2Reeat-cqaHmzkQIPrcVji7Icop3CgKsonRvXJVZDWRO5m5zIyUu94_myR-evnCUojvZqrVn3k5jIy3vZYPwKgJJ-FCVoWXbc-vjI4b1FcrrWMdiQ8PWM6Ri_rZS0TxvfxocyIFvZxzXZsNgCkyBIHhITHiW2zb0grRd3RKyyxPD0SFEs6Si-7x2w43-k767yu6By9f6E-I4t7GIjhaKkO_yC7TgRQqDa25P0UJpcGNt-5ZyJp8ZYFgqfNJ9v1HmU_p2X3WYULyjkrMzQcVBOUJEuwpv4TMANQA9MMVz-gc3sjEQNCoAuoT1wpDU6aQSAzZqwelwLVsxgNj66u1_IDypYJC7PNxHp0A0nWYDAVHEn17BsFfQY4iYTIBX8XAcFCIvKJBbiO6FU6gxaf8WddDQAZTVQTIeInB3Rs_qjqz92DytQKh8Eoub95zTwPazjxVQshli7_Gq3iDdBFi6S1CSVgj-OftlrRRzU4_egAto_IDCD6MZyu3lQj716UOnUIL3KHPcRWTy7lRzHtIAkVPeYJ0AoB46UrrffMXd6txzX7HAH0D-EjJpNdE__MO5tYfp5LHaSe2mWFjlNwMe5AIU69LbC3JGGE_-SoaM1EeyQo9Kou4ucRh1pzEkZCZE81I28t9m4XJW8l_gjqsaJsU0mS8NApZvX6_cqlfFu-BVP11M4jmIbDQmeMmkYoOXkJy3MhX88jII3mjykL53Mr8CC-PbmXe_K5c2Ysw-BEAaD00Pmebuke1u1uHqlFba2tCCq_ezJDWvY8lDcEmgaqKSycT_EIZSWMwzHgtowuJqfoqpZz3x-1gW-Eie23qkoGjUHp3fOUnl3AmiEO2PIZGD5fkUcI-MZ__Tshgek-OVw2k-jdfC2kVmdUWGIy-STaJ3MTX5NJSFG8fHHFuurS5eEnDzc7hrOpCwhXCR7OA5ZVWyCiCi0Y8qtVnhrgg4K4eKwiAfLEtFpsrOjA2QWiznwQesUPu8YHcR0VXNiZutsEdcyw0LxUwBGCLpUs6czXSwTJ3l4olM98CgjWOroCKvW2ADD67_j7p2wmap6jDNf-YbmxKGa45uGbWN2WkG9YY6lsycEX9OIIhb9fLUln4KFGRIshkExDssLbqCQynO0MZZeGMh5NXaIHOBfNT82LA9rPuTNN8SfJpcGfuyk6CBqS69WfnssHpj6MOyIxzB394eHM2PupaoxePN5Rb010ryN8S1iSuf9CzPk&cid=CAASEuRopxkbI6x4dTX9AoRNr59Rtg&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bb19bb9149fcaf72e350cee625ac1eea6d70276c9f83f8eb39850d74e3b7d6f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13184
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F840 3 KB
1 KB 116ms
65ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F840 120 KB
37 KB 475ms
420ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F840 14 KB
6 KB 107ms
56ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 271ms
271ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=752e7067-2ab4-4356-a9a8-56143c99ee21

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D32 42 B
63 B 65ms
55ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3v28ZCcu-nvSo-YM-glgAZlkT-c1GlYO8gpSguy0pqL2c-KdOyZTqgYZFSe8DArMjSLyXlzvbZnBalHQMW5nEAee3HD7KIjPtD3yUV-60Zl7ITFk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 9D32 3 KB
1 KB 99ms
62ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D32 120 KB
37 KB 466ms
425ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 9D32 14 KB
6 KB 94ms
57ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9D32 0
0 70ms
34ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5NvvetJQUBj0CrC4dkpwDAEiInj-kMZ53Ab_YMvAX-Iv8XON1OsRXhfRTQcLmwqVtsMgWrMaHssjrTQONfe9YOGWa0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D4BE 624 B
297 B 43ms
34ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWhaLfbGnWitkaED2wLLOyCmXoYcKE4UH-xtpPpkYvKlC4rxdWVDjpB5VB2To92b_Ct8Sm5LGeJiisu6ntOOq8YsBm3xq7mirk3PZPbUXKrr9ji_WWX1eohF8PZpavY7y1eBTpVzj41AjgIATTJQoDDqd9uQ6glUv2eS-_ba9mDtfvw4Fc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWhaLfbGnWitkaED2wLLOyCmXoYcKE4UH-xtpPpkYvKlC4rxdWVDjpB5VB2To92b_Ct8Sm5LGeJiisu6ntOOq8YsBm3xq7mirk3PZPbUXKrr9ji_WWX1eohF8PZpavY7y1eBTpVzj41AjgIATTJQoDDqd9uQ6glUv2eS-_ba9mDtfvw4Fc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9D32 25 KB
13 KB 76ms
67ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AID-rvv2fVKhLXb8WD0X9n-us2CSnscx_R117hkGwZ3k_QW5Ia8S6lCE3KdS27wD4_GdX2Qi0q84SpWn-4T7FSTrtsouSkY3nWs6t62AiTx6x11YpVomUDT3UZMQ91e0vuGXO7jKNALJz_dPkw9uL6zO2g-Q&cry=1&dbm_d=AKAmf-DCjuvGE4liROyuvcyOy9vbzKIWWcZ6aMiBD_lZNaV5AOPwH3mA7yTq4oitOjusfTykS_aUeVCUkOvuNMenBpz3RlS3v2PkZf98qN7l8M8ulrT753OQaQFzjZ-VSmZGolr270cdOoynTscy50QH8zmDKtz2uhxM4MkBC3nUVuCepl4LesNVIMVjwtzJo2sgNe0N79abcI1iXXF9m-T3R03cYPg2O5LnqntbOJjqF_2yM7URKlZXoHNcPfbsGoefP948fxioyBu9AXFQGE_9r1zgdE0JlyqyY9PRQO7f5Tqbad4YFy5VcBOBmjrKoA21e3PKH4BclYhIX9xYedS44xVBOuMypU6gVHO0RFp1IjIYy8ShX678JeCpKCS_TzqUGwgI_cwskCMFFXFhrnY9aeNf-1lRPA7txQft_PkAA2zUKxVGR7omCYdbytMwVqgrJhi1dlVJOC1u0KYKS1pKvtjvSCUIsAXUq0tfuCMFnaj_Nbhd29yGvkV-5Njr5bZa17g-dWz5NnqSz7V_KcWojLXNaJWpftjvLw33l5tYbBfJVkZBTNL13w9dhlXJv3qp4weUF4qggzBpb1MYePxmzvBrY-QGkCquAhpYLTpOvkjk73NRQCZy0cxXj8b4jDG4HUUhDy6gAlPE70qy19Z8TwAKKFW6CPdGMP-x7ZV4Ikl_sRqmUAsvyKndaBwNlnipNmxKy-k7vokeAWc1PmETx9BndN_XsyxozvHbQSbqmw7jLkRkqqdtkHo71aOxCFJ3CWFK0K28KG36ErUZbOdlFHme1wfujT-uTkxXHtQ4O4MzoRzdCO860wlvcLWl7WA_LofK2Azz5JVQvel7A1uIjb2BBMszF6ow2f_B5jhGVQkorjIyzjSrdW-1k491QmZEuEMZGWrxnzZTZ7v25xTarTLVxkg4rXIKhmj5TQTKRUEr-DdZsSfaoxdWch5q9luOG0SG_D6LXnATUUFDo7J5DX2ZB2CFL4LvBAVyU8Pu8tTRORJGo2bc58M5vRHBLpMUOQfK_crqL3juL85AQYQjL97HAXNpHoIr6bOfodGe8VdVja-9StRmDkvMv9AbCVsXsCK1IHyvtVjLcsVAcJqTFJRZZ7Kvfo9UKsVcZMSyPLr2KYER6GvdlsvuhXxoeq9GdhxfIwg8Nkmy3qGWGLGMS44caRnXZp9ol1xQFQ_YNQOhiSAY1IQssdUXRX3zYhzUQ5kmv-iq4oU8smFZIhbAbwyZkJdPdLegz4nrisQhF4_A3mzjtxTe7PRrJiJZojeMgHiAfoZPbsbCUIPx9rM6pxUCTGk64UJbFLj5T3JRSYVbuKOrr9oTvnuqZWhI6wQc_A42ZSkx4m6cZDAt7J0WRLEzLI05Wvd0ce0GQb4g02UCz-b0pdV6mE3UwfIIdeUbltugkiqt0D0DquqfPbfGuxGO1g_aGjGGrlQPwlPOG4zDpqbK_aTej7WiLqs8dZlH_31iOWXIfkxeRQlPtRiUASK4YS6wv3XQB-XLunMN4LoQxgKVBur1nUrIpepVTPyYx9p6P44sdhe3vglqLm0u6tOokgPTxUyRXQ47jkfIHeU5ZMzBktuo-e-uC6G_36NfUl5MZySQIchJ4H5wFAli8U5Ep0bxTM6qbaO7IXCo7xApcCqif3yOxgxuM9rvTxUZaFyecZvz-5OkNIClTfsRXdxnwvqHdzxOkrdMktOfoTfG5do5dzXBcWa8g6OFTUBoaRXLS3zK7X7sk9QLFaBf-5_-gweuPhjYU_7lLgIiET-wNeeuKy-fFIdOg_7tSIVJ9ORqHMEy7rpD0zNf8ss3S1TIh5EMnMKaNzJo7h5xBBp6Gt1ORettdVoV0_8WYHsY8iSpTAKBJKQERgS-oljQDhXCimIBCbCTooCkLdnSRfNbrobZhtUILngW52nb6SEdMIKGROoDnzpOcNSIXtdUMC_Wzszp_cF723FPixTsMtyfmpl8POlWk5cEL8o1NtyPpECJ0RTBhEQeJmzpYPl-1Y6DwCLcmAxqArb8p94KxTqIW8KXSd1Q66bb0TPE6PhMaBziFlgjpFA-RAeMk1JBuLyu27nd6OXJmoKWuazyCWSHtX5OX5HRQ-KZ3Q72z-LPt5TmKgTJPEXfVEnpswKP_ueWTpRPSiIY8uWNWayF0Az0d8Pnwx9X3FGe5w2eF1rLxcIFTBAOGJqErR4Gj59S2ie_a2CWbBjIse0E4jyICDrpM3bgbTnsOuhmgfJiLF296teDmla10RCQtUJmpgOTRCiBqVz3G0WEQmPSTDTIopCpjsPrO6OC0vFhVR8X6lzcyr8iP6FMjRd151TOgBI_1hyzLcPTT3tz-XsKWo9-b_J3JV1rdyPN6jDUrjZ43kwepvLz8j8lDuCM4VJ-06u_YZAPmW8LwGYxVxV0wlV8oETBXh4599Bi5rv7Dk7lcgMA05PjBc07u-DhFOV-cP7X3qrLPxXiVw4yS0ASm-zvmdcMERj6EtY3QrrNY5aI5g2mPo6nDWKBxQbfQIRTOFKb1YmUEjUgu2qrZ8gkruW_NoQLiMo5NBiMH78cfK1MvFSxEZV68hPG3KnG-9aQfm2hGACAnEIx208kIO-IOwpODcrKM04aiVimAADCAm9QcadN-Q5Jg9AqqEodvjykbFGkO0vo43MKBH9prlnxw2zjCd0sfMrkAEFdII6jJgRApKgddQ3pNTAvwHJswykktSWQvlI81bI0ai6wa4Ailztdu6MxEDPPrekM4jM_3SNGAzqLTkuCku211YImardj3D8GAr5eA75WMyr0aPRqRJ8fw6SmsUg0OCkNEI3iG7UU0AuM0NTMe-SZrbohSZWWDkGHmeU8Q9R7AvNXIVxkaBPNlRWmS6C3R67JHmhSJoOecZ46WnS6XTZoTJUBIriAjCxfgg4hnhqAZ-mgckGaAd7YUZ3TJ7tEzO8yX1VTJSNEv6luF78QactAo-l7idPEtWBfgvzzsozoLItybesVJK0Lc6jQJm4CNNlhLXtfC9-3D1apsHYgYTgt4AA8rlwJLj-wjE0365twvofBS4Tb1nnDaPbUf6F4m3Lbx4txSlyJKer5t7xkAby_LOIn7at__NjJmYecaRm_YGJPaFEjiPcYl9NGNDGxY11YapgczNZxzm7Yz9K_b268Z5h9RqOw-LfZ1cmsaztlLTdUyfVuZ0fIdKqM7J2ax_aCAgznOm5K6xg_MmWEigDe5dJZVsmSsjRcdkVQ6lhOF11qEgXDbuNYUEN2UaxWnbkwIsFMgIFXvb8it8nWuI1T&cid=CAASEuRoSjYT4YUzqikNo94SJ0xR6w&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2c4c1bce649e6739003a638d72f3a463f7d479e63f8bfad3d35fb37042552ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13139
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6AEF 624 B
297 B 34ms
34ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPFC0P2rfM5FBSRGoSifbmrxMeG3H11nEJr-MJBkIpvHJumz1jqP1UDhuUY2XUQg9ZG5kJb0Iqk5CI96CqvfSMZkm9VgmXSgbziOjxC0thfZJujPsZmkIhRychqZFTRA__8uTp7rm-2Rd5fbAyg5wPRVCfgE-BLT01SzfcMEiXMuDMBY0

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPFC0P2rfM5FBSRGoSifbmrxMeG3H11nEJr-MJBkIpvHJumz1jqP1UDhuUY2XUQg9ZG5kJb0Iqk5CI96CqvfSMZkm9VgmXSgbziOjxC0thfZJujPsZmkIhRychqZFTRA__8uTp7rm-2Rd5fbAyg5wPRVCfgE-BLT01SzfcMEiXMuDMBY0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AC46 25 KB
13 KB 63ms
62ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9xv2qBHCRu0kN1h0zmVa-V_d8sTzuqod0z7xuO-O3uESnBdPe9rS7nyGCLWn5JyC51uHqQUpELiZCxtlCGLGKGfXTVr-U8DeuJuVhE_HFlsrGeatrrhES9uk0ykbyI_80lIk4G6CfbGkTH5C8EbWRYWPgFg&cry=1&dbm_d=AKAmf-DGxJQ2hEfAripA_uirjUWPjmbD4YRFXJWozAEXNlN9x2jPOBtYkNz2lpCglu41ezp9FgNJj0vIav2KZP_81ax9xasoXZsJZ2KJPZjc9R1H0__llYEX6hC6Ly4pvgx1oOe6q1Mdj3Rt0cvR5at-17Mr1VYv2Zvs0Mlmgxr7gU6OMmSVhgV40neKI3IEbmKcYnWp5HI5GU8-G56Ms0_jGPZHz7keqPK_4AFf0eK289WnuWsulLz74UExMqsZSqWnarMCZE80gi89xP2PtQ424p5F5MX_o9trIGGFRambDiWm4Xz-8b-YoaLFKm-fADk0_DM0F0jyx69NYWNepTQeJmrzniIidWmiNtT9_nEdg0vCce6Bs1zLWAhagNJ7QANoBGRvpwSw3llkdrtf-KbffNDy1oHknEgAOMS1F29DdpjCjbKDL1nv8F7bL4A7TRrG3fvZibzKL-1wTWntY_4-Iw1mvOuZ0o3E1YPPombM2GQuawias2Dn2IoYCRPD8XLuvQEhqjyx3sb3VOKhM_58AWppPRxj7oybx_FrNN_7iSiL5zXeg4T4iWCHRh4IhnG-nFCUlO49Xu8_3G9OkF9XuHuXwokEk-FqN8jWlVQ1xhkohDDXN7pGZuA_X-Unh-8ZF-5zbg_BA-2GOKeOtvqYYtNHL6qVMZeS2QYDISAm8jDtyNXHpY-2QPkGlwCzUO0JDCeIzoBxp8ETamGZ-q4BpG9KWi4HJPZDw8sFqQuJ8tJxwps9YP5K2JNsftXyuZJXoWZA1oHIPnZe8H0ZQ4SpPZvW85OxzpWSbqWKB7OtJYdAQEZUElzIWglSHkeMNf2hV5fD-W4O92dDtfVtYL-kXx4QSIqD-VGmkI9v27i0r_KVBGBZx-Cu8D51EpVUt5Y5emARwug5m_CzERE9sjP5ohmmGGt311ApzKLruEfRN6YsrNvisRz7AzN-Pww0yXRcuFDMTmJvf2RT_IyHzSJLVaSIOKUNK34KJNCekz0CD0DkyUZb8zE1Sy2f0HXrqVvo7HxJ-yvfMOuoeJx_UAW4IoWcagiMPz6mbDKPB0QtuSo8X-g0Ij54V5rEq971jxTnOGhlPCC0sPUAF8SA7SmjGNlLME8yIv1aJCpRYJ5mCtlPWZF3w3ryfNkYuS93-4MzHZQZFQwABodHKrPAJzkWXfhbiHQjloqqI1ofM-JGgEFrJlCsVj8_rNTA9mAVWEaXy3qH0de4mjO5xOv5G_IdoaQlzzvItnTCMJKSBIQkjl_ngisFkRy7Sz-5V7HoOe1S_HCL5SgjF7J7Hro2TP6B-IXFjX_3MWX1VFJcNrnsCw05zdFUVM45lpogeY2a1Wo1rburF6u5KPAOuMzO06Cjio32ohEWx3WztFrYBmg4z-mN1hXqiGzBtxcO3fw2ugHt8ctpTjd0IbPczpu3lXxVvofcJ9v_ROUzFWwe2Jy1avFADpmORKItF-NI_-ePLQq0vchg7b5QSQlLUzgCcYtGXh8hJoum_d0d2SAfU6qx2N8COyZxh6fMW3vZ72K0Tgh92J10DUUzOxXOizzXh3Wh3W0dS5pIpApbllZW0YJw0EHEN9LIGiAHkY84ByWVRNdYYqjFUNoIUzSySKgCYzZ_0OQtotwq_929juQHtqPwMwNMNVSEbiCcphxv_8koWhcUQPv0YaDBovTVqeSy6HaqFjufX8OEXuMT9F4Cp6g_lGddQSWKYpLx5paA3J8dHL0fL85T8b-4iVCBS5dX7SbMGuJSAzRTIgDlD4Dc6oIlnukwdKEeR7h9PhrgtDqd8o5sacFw7GCTl9BmSuZgqtvff-itXeHdawzH7aJtSrb4uqlVGdM2A8hDesNdiRVSCOZhKDfZE7-ST6hrOuy1Stf13R6M0pHnY2pMDWdwTEK2wbARwxxGhXbAk73sN-yJ0HaDlX_qXVU0qt2ydShNLfViA0N1A6SMl5bN2E3r0wyoUbyzRgMWn824XAGk8DQWP62a00jVMoX6g6piyCUIIrong4VHpjZwBGuuUXkzNKiR4WLOqA3Myf6DfX2MqSyiIEFbs3u5Fktx1AJNuBsbNDejDJZ9QMr1h3VkpQw6sjtRHd-Ly4FKZ3RCclQT4v-iJkvT8HEyWstATtunl_6DvI0o414iKLGCQlPCKXcvvQ4s6z4TTyl6g6-oWX8GqBgQ2wA62xcrPtm7mfQP3dhOu9Uw8lrbDcqr1aZiH0e0leMEhJ9owjOBUP34kbGz7R4exxmuvRe8vvTp4xDSP2aoFjaie9L045C5kJty2DT93fkHvEe8_xtYGief3hQmisqoqATYiX5rWilQIZvnVCks_ckOFAr1su6EJ0xgCsAGDQxaHEPjYgPg5ICxewmkAayj075tjIKxl4EuWJd6hdPwI2TLn87CUebN7IEMqOAHNNS15u7oKGPa04PR7QRlY5Kxtg0xQid9CYyzhU474s4hqX625USFThFfOiyF7IeEg0cZe05wEuj3KVau8ptzyVjSCOqQ5IxqgflCRlJ7VirIJTwuf88eM4LkIJGd0xN5Lp8eQaDuBwQrvU1ex2a7fgGK6ZCKXxe3gAK7J62Xg7newcXj6d7ML1ldSshZypko6soIE2Tb6BaSrKiWZC07WXIEojUU5J9G_f3TfemECfeI-p3jaif0KUM6dquExJHF2Dvcwzwgao1xUYXbWf_RJ6fMYctGSSlQkc1Q9N1j6ythUrfJaCYOE5eg7Ao-Qro6YyEAj42KsCymYR2BMFah81x1Z0Y-L2LxkmhRSpRNbAtDBQTkbVnmxS10gQ3JXNJFzXzoIL8LAF_SYzCSP7cdEWwFi4ifXDmiNzxPfYMxOWuLl1tw6xIuRekF99Vqc6Cc5Ng6EJwmOXA-iE8N08YbwDTGsTNespePO61Gi7pXsALg0d4gBGujqdt1K_RHoMHLdbBDaB0_nt_L7tv4IQRH3KOJznljj53xW87ALdCZOKt56JboDfAUjWv4Bo9AxQIkxryIrafptsuWlwqUsB1g9Tg3qppJE8nGA0hww9BQ5aKUp4y1UgbFxNtJTDNsnH5wwK0dIWkWjlom6LHA3T6lG6_NIgPxGhn2Un0C74Lvfkpn_ybME1jfkS6qTlGnxDlt7AQpBdlHSvSOcP5x5rG4DUuChVgfn-7ECOCZ9e0qF0P14Q7fai3MXUMZrqEVansD7_tyNiG6lX-e9ZauiHQ89nDNB-6aWOiPrC-3n52F9HvUrMZ4WWs-ryLjFlVNHvhthdftpMLOWzWU1hH38xEWPhpPkN9_-pt5BvTW3WpSLqCGcrgTwKnixUMKm-pT9qycPyqtpKWB8qVF1e_KHN44DbpGnaZeZaZKuxs29hhdhEi_iEQFnQXU2jGe0lpfx1AHZJRsOTww8lHWHMxl370e-oay1TNeZcf93McRImlnI0bBCsES-Gaa0Lnrb9XJdNghB1BVFturCfLlGILTp-UynIPNxdE3-o9AiTQLF8Y_DKob78nFyCQtJV0lJp6qvqyrRG7FFQXCWGCI-BL0noFYi4wMfetPMzmcEozC&cid=CAASEuRol5xsMlLSyWocsGx4IMpz1Q&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d449ef74d93fc655ec8d9192b3ffabf958ccddb71ec21eda51223847604c9f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC46 42 B
63 B 56ms
56ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPwfCmhULgZjKvR1dQt2lCqw0KJ9A8uySuhI2XMnG-ZdpVIv7GyV1X3hACMg0y_GlB43tFR57QKU69jvXoEBu6EP28zp884XyiVG9rvibunnABrao

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AC46 3 KB
1 KB 83ms
63ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC46 120 KB
37 KB 358ms
335ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AC46 14 KB
7 KB 44ms
25ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AC46 0
0 52ms
34ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyI16q6FXRsNG7rhH-DaaTMBHF61NjcDK6GE6DSXLPkkXXNONiJ2WIRm8CsrdM4ffcuGQI1uP7_ujXc2Racoxj7d7a4A
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame F5E1 4 KB
1 KB 247ms
29ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:20:18 GMT
server: ESF
date: Mon, 25 Oct 2021 13:55:05 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F5E1 2 KB
991 B 69ms
62ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:42:26 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame F5E1 18 KB
8 KB 35ms
28ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F5E1 3 KB
1 KB 67ms
63ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5E1 120 KB
37 KB 403ms
395ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F5E1 14 KB
6 KB 50ms
46ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F5E1 0
0 37ms
36ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4QnzAGJRqamwh1MGBmuEhysqqSKcBqF-Gl6C6qjhjJm_ryBTPYFQP4El2n2tLrae5g2kdCk4IXU4S-K7A1L54gq5pHw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame F5E1 27 KB
12 KB 235ms
21ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 11:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 21 Jan 2022 11:35:39 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/2583544259721820062/ Frame F5E1 28 KB
28 KB 68ms
67ms Image
image/jpeg 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2583544259721820062/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

1f39ff0894d5da731789a73797024a8573aafa6e58812066f537b9335bf5e1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 05:17:22 GMT
x-content-type-options: nosniff
age: 376663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28839
x-xss-protection: 0
last-modified: Fri, 04 Dec 2020 04:58:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Oct 2022 05:17:22 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1261682043130170079/ Frame F5E1 5 KB
6 KB 62ms
62ms Image
image/png 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1261682043130170079/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

613b6752635097d6f7251be15dcd5a3917c3ddcb092f322d8edd2627b04cc47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:57:54 GMT
x-content-type-options: nosniff
age: 503831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5528
x-xss-protection: 0
last-modified: Tue, 20 Aug 2019 17:59:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Oct 2022 17:57:54 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 189ms
189ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=5cb0175c-f2a1-4368-b48b-daa798038bd2

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 187ms
186ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=45b41efb-e90b-48c6-9279-355d175966f5

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F0 42 B
63 B 57ms
56ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMzTlqPiLNjWveg6zloveoWxws1hYKw-0LdbdMHTZo2psjF9MWUQYzvNVJC-J6pz7v4vyfutc9oG4_8Inzpag5bh-Tk6BZY7WkJMi9ZbQ0KrumcZU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 98F0 3 KB
1 KB 221ms
55ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98F0 120 KB
37 KB 300ms
299ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 98F0 14 KB
6 KB 194ms
28ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9370 640 B
316 B 34ms
33ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNUTvmGrW-Ki33VoaqmQw1INoUuooI3LolUjNnyIlsT50h2XhnvvHS2dChe0hudWUwscfRzc-dl7APMUKraTH3BWCkVKZrrV9Bdv5qGCTkOO-qtF_vXpkZ7qQL4b2rFEErJYxLc3W8plkhUmVgAc65uTauAAzzWGYTp8ZdyYrwNA2Oja6NQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNUTvmGrW-Ki33VoaqmQw1INoUuooI3LolUjNnyIlsT50h2XhnvvHS2dChe0hudWUwscfRzc-dl7APMUKraTH3BWCkVKZrrV9Bdv5qGCTkOO-qtF_vXpkZ7qQL4b2rFEErJYxLc3W8plkhUmVgAc65uTauAAzzWGYTp8ZdyYrwNA2Oja6NQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 25 Oct 2021 13:55:05 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 98F0 70 KB
28 KB 64ms
63ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DES0qbQJlwy5ImZ1bS-TESly8z-4647YCwYN7xi3YeUjt3Ojj7N55sdPngHPgaqNYjhGMYEoL_ot6vTdC6sLbmZL2fKDcW8BXNpH3t65k6-ZSFty_KSuyJU12K5AGlmcGQ_cmewtCw_V-CohUpQpAyuA2Tvw&dbm_d=AKAmf-CvIMHBFWK5VWGcNZryS9r5zBU62Hmh6Y1OdylveSxEKf1fyA12h4fS-YkB2blTF6n2XK79p4rF0P4bg1TcNnjlWNF17mh7PXqX6z67Q0f9zVbMPbSwEErN2z2G9fowfw9YfbKgzILBbYDF9-eF6pNlfpAZEI-rikqd5Hu3V9rzz85JVp_Dhk7OSuTLOEMzn2c1ogqyTizugE3Cd9_xKZOx4VBnWp5O7M2YgnZ2GeN93-DvaYBZqZ0P65XllChKYrE-uQHrPRFOT_2plYahmj8smka1c1SFqk1cyU93DoW7kkA-_WfUpaWpYEIAvVpu6fdNKJ3aUQHE5vYSX74lyfCpSWN68a_g6KTR0Muy9JLnD9e83GNkNiX0147niiv03dr68aaaouZIpzDjQna84bJ1JaGT-7KoWQ3FAlZkHyKkb9YzTBHDr31U4cOhEzW9yrFXvfYVA9QGSSITfOac7U-gLXSp6yhG1W94NWykTzaZtru5uXoAEhjdiwluXIMOgDA-nBBs3CIQh0eyBEq_NTIKTQ5jvamiZwS0c-LnZHUKKv9GSaw0QRTXBRddih_qOtu8nsJrwxit64sA9iry8i5JSSKAF3qGhkKvLzR7wfi2xfKkkKJL673tRNMuUFdF2VBuzhoI4Y-awnrNnaX6DnsbQ3_flNetC8YpG-FOejdfzAab4tjKVqKelW--eGiE7XMCwvJf8nkXXCIKypqsSKvF_gz5ZWrncLg48egNRbdOGkEbP_I4znRI2psMRKDHgi0XFTnzvNuWagAcn3cnNlty5iizBcDqAEL1WpMCi4YGRjzIlOecROeke2yzNttJ6eWa7Hpj9Nl4JFuRD0lPLPyUnfdjuaRopsvTsVQAuv29QOE1qUdaiuhYqPamgCFAPF8wM7K4ocgaocZS686A5M7cCT4dV_enlpmrFVHaXYmFvyRFpKcYGZ3n9JuhKiF8PDePh9JgX1PkevKz4Do8MNQ2hlProxpW8_o3w-wb1Vf403oKSEq-9S0BfWRVLQmLdpMR4GURozl7IILFjvAFO_VAeWEFgfPnv5yY0PgKNbG92ZfhIfwgWcclmxhelpemhHLm4eOfBt_wwPq7IdYZOmGlxfwuqWrA1GAAknyCBEEXiMkIOTsaAcPQdA7z9ZjhZqPYO-zr74z5WLSjcpveIbUk-7RJnOq_lXS3l0MhX78x5_RxFUQBe3_DE2-cO8XHQZQ5-Z-H5P6k3twne5AfbzmDHP-S2CFnl7Tgt0-Z-VHb0WS8OQVxyfsSrAxn4QFZPOf-HnmdSBdgsubPs7gQi5XCmjHgdSOecvvSQGRkKSF4wElZn5ghJebiPiFtSE_AfMfWK5D_LXmLX-a8yOQSdKMQi7gS6q1TIfk24FEHavca2qV3ukhVexoheZOPFLOyRcGkci5I5gvTg0R_HX76G6dW3dC9pJq4W_2xxLRi5TI-f27Y_sgcB6jwUVPYQZRRmF688nAjVPJd-VKKaKewJW2hUUsq5IShE8FpWVlaWZse-DSYRay3HoBfEINMy7WhUqCTKqg0d-VBozw0_b5j3RgI1yF5ORuC6KVonZyP7b8MDRGj7Hq5BUUNdK7it5wW1ERtIQYFP0pr4qNoFx0XvkpbdPHFAxSienDKK-vkRELXj4ink5wbKbXaNQqcf5JhGGnmnaHM7D7nVwTyYAft5wD7whHku_m-Oe60H-V-VbqEe4aPcwMTQU62aHPVAKj9X-KT2QAFHiC8KWR26eDZGWK0uPJDMSsNta1cbvHCJ2u9AsBLBintF9QLoNoJutNNH6oRXU5fQ3hqfDa2hFJgkQFG2NiyvLPQhrUQYWd_Go9EP3DI4SLWJHpXXIBVfx26X0GeJV6gXNOqO-RsYbOydT4NE0Eg5ZqLUqwTdtLKq57zT-lCViiJ_8OnSidL-pSsKwoLHHbLqYSmJG3uzL43fZ8VW2SeyfkJw2bZiowmd9V8_7RKF-gUJSStITWYpa41OyIXU3HrrcLJwcMqTZLeV4GLl9cxnZEuNAtx9mNlJpVgJIYcy-ZKBQXwPDXR8DHawFzn5AJ3zqsoKW7r0mLc2kUmoib9nox54_jXnYoDfx1IaE9YdbzlA9UrWiImgqqhNL9xJIjSomF1gnpOT3CLtNGOG9Ebkua4KK4MZEVU5f5qsTEUnhcr9GeCp3KRUtiAg8Ul9pQhFMFG_QdqTrJRvbBWkxjcYDS4TjXd0chPEQMoWL-XsuaaplAMIobSLgcPHiMNlup68ap7MY_ud4DxXM_4znRVwkMXtoxn3Kq1VuUomyaauGikHebRzQbdWKnpR75oEC4CqKs1BXlQtWFcCGssPRBW7LxlNT2ImOLppjd2OBViIJ8qOo9skd3JnUvwI6W_B4GvxtFz7YRsAR1p3E4JXX5xR5WmzU8uh2EDStgLT9V_mo_xkSC_C0Ejyy8tcM-zWBXYeriO7-SSCHKE0eM_dFTgIUTidrGpZfAzqe5MG61gSS2m7c-TEGPCxRlkWleK2FBzDvHR1mzP8IreN6GspYVPbLSloGX_8k1VI-vSdpfXJ8J51GsqfqjuAP86qDr8tXtLedx0JA_49LNouMqvABsd5cARHkeyvpWQHug1xIXgIfrHOdiThI-ngWNtyM2j1FJFCm0FUnsGtPJ7nc6FBPKbS5jISPYBYP_8oVdzZDtm89W1OCx0Pyhm9LFQ0iRCSh8oZ03BzMHWhjzI41kFl7AF7tWOYObI5H7YMkoXulanLp71mVE6dKZ8dkmYifHkCUm1Uryl5oSnmy7w_6NDOaSpKy8y1rJTRMrag2vpcUqcpXWWetWweXktsGCc-5fJ7jp5t4ENw39qSkulQbJlcb0RxEI0eclIKbrZ2aI_U0rPak9Av83fys6HShWZMqafG-wJ&cid=CAASEuRogaYtbT75vQdiJ2di1q8wEQ&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2569a38be60a4e92243116c2e13fe32199cc3bebe82937cd6158ec6c822e901c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28691
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 36B3 23 KB
9 KB 24ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUoerhECu_KU5v6StB1aF19MOqcpW70o4NtyhU4W9kwMcScMFa3_JQFLtp2mhXAwhYslgeqnHw0nwvqKeCPjWlrbsqKc2ybcD9nW0Tbjit1d6Tx2i3AIdFxuXDf9J7sSYszk6fUJIvRm8bPjlzabF_3PGhhQ&cry=1&dbm_d=AKAmf-BmK1O0HS3GkjKpsJTs6LdOZSqKlF1ZVRkbyL4IMbiL55Aj7nhsl5iGvqXuJT0XDrT2F6eGJ_R3AT0Kv0bNkFE11AD4LG7XH-qY6Fxq3HvmlN3VO-J7PdNM2XSaAqbVKmC1cYXCL5wqjU9f2b289XRNxILh9nqy4t06ogT0kmzpglRNZJsEztexC1c6Wp9pQWBCShppP_BO96Ml-vu6wswmxanomMsVbtk-pG3s-l773iKyLER5x6GiAXbU2wuALSllt9QGrO1L6wAfpjeLxSbtsBxH5K-Nqbfil9kj1eeSblStcnx1lJhmdxS3ZoUIuT510asLegY7zIoYR9TAznZMP0bwvfmiM0-j6Q5Udb2X3KdkuHuSEkMiOjIeLAhOISOJmemNKJBGcKqQ1I3JVHL0rfOrf1VxrJ3vTdDeWRC2R8VeDQZjjT89MMZUQ_TDNuoYuKc0Hyy6CaxUk-5qoARd9WRlbg3M6M_S6zH3vQLe88imtN_Tj88evMpfJWDtAkuMIz2RTnG-UxprZPFj7wEbSYaljYwr4UsytDUSJ8fW55tHRc8lNAd1YIC_znHo_4mPDM4mg6H6hsw8MVSAFWeO0ePI5AdwpHNUH7R_3V46iwiBMM_jnM2PE9CpZQuBiJfOV9NPq777kYGwgCkXElMtIGbK3klUem4tbPn-7X9LvuefF12_uJs-JDytoxipCcqC_LBr14lzEQAJKVOayxYse5RCvMJlqVtXSRJr1Cx6cjLq6LcerS_sQ9e-Eqomk2isqXpWyhbD4MuB5XPYOt9Fs876-AV_plXDvu-Vc81O99rTTYwRXy5M7j2WTovJwFuMKbZnaGgB0-Xm28KAdpaYZ1Xvo-uQD3I-b3UqqEKnRGCcI06buiqOKQt084gc70ZtvUhaQkz4-is3kvkYmYGQiKXq6WU2hirlVDCDXjlaJO6onfQgIrAg8wkK48IzHMTij0YmJasSsYKSYzbHKjVlywWpSPXkxOkac2ukvfIoXBjSr3MVv09r2ar-dSa5EkbsFiHx7lwdFSKpphA6gg_f39gzMVJHBVZfCD12rBCUrw5iVePCq2nX-lnY5MYfxMagVpxVlbgLHtAL2djIHmuWuE5y-KHKt273_Qi4VLIqq3NmAO4mWXtNR9e-JcG8MMolmndGqjpOW_jUG5F6cD8_2N92iyMHAuQdCKp0tiVjLRgNZa_jkocuzuBSzgmz3HQ_5_YbEMiIxP0-n4g72vMUk0Qp8iw9klCQnkfpsXg5xqKPidKT5pU3FwhPpEWEzgIsBU05I9c4T_HQaZ_QEsb7di7SdO_L-M_uAHcyEPG9qHyZ8jd8BUi5AuKscDP59X_Vr9cc3IAu3YvyE2ObG8gfrILB6cczLPUv3qaJXBr_D_6qFrkg-HltcQlpNW1ooW9OCm9NcQiJwLl4kP-Z7ye3I9AdPepHRazyUxOAFAgBwIR31FNHNt6ycJpE2zp_ytN1KKYoOjDKDiRLbkDbbQLKuHsMMlbm8Xmke5Y4GML4bAVTLuH4faE3vqaT8yfYJjOKwgUBl4D7dP-OBHDLb9x_bquFPCF1O60KIpH9W64EOp7wWujJq4GMBkQVW8L2m37jeys805ljHTSML4WR1GL-EPsBkUNVACCnNMt-aTinUX492KGGoyrSJIlKkwnNdVpeSjGxKVPi-5w82vr9zxHejZ-8onsfRxqOVhkpKTZS9fzXbJQQ46tYB6ceAA_wpMwH5VB4gMV8dg8jBaXs3MVqaaf0YUtfXxgvhqFF9014he9truSKuNkjzljpDAwdSuF6cxUgE8wPBPgbxurPDhe2dMrC7i1K-bbpK-Cd2VHpcqKrTfmcmdaCMZUsmXdeqogYOioG6aOdMCymrWZDG_qBPH6C6MZYPLxMseNUZD0DBVHMiGNPbGhDuElKDEL8-8LrJM_AaxTWxpxBk-PH5SiLnw4TvU68e9K2BeTYZHcbr3OtHN3n75EpYHkh_OJIcBvtcwuf1JoJGWXrnsuWK_ch2LjO8ldMNj2q-4iqAneceNpnJxG3bDygHS2FfvTtAfxb65EThtwhXoj1YqrbRTfpvHmbGG8227HRPVzC53FBE0353PUtEx_bt6ZN8mM1wbfpcrMpsGcvmxh9mQ0UAzNJ37fmE_c5iV9f-pBbdT6CsuVwGgwpD0bpTSf6Zem_LJ01KM__JbOofISHC9dDDHIY8QLBJemFm78R_N1gmw9y470ugvFgJqGxxzjEEdl3X4tVdoKJdL6PDR1lp3aemtxjJsLiz23F1aM7qQ45cNH1IO7lB1VyzX811d4qi1RKHogIvrRa7vo-1SpisyFKCAXpzxqec0d6mRgr4bAlFJ_d4Q0lMF1HyqnZ8Elmo5h_G78fabyjVP_6Xs1Aq16xdYK-3JrEAcTMSZ2zpjUVCPQL-wqTp4HUjfGBFVjglCRVPedMP82EzUM2wCZAveHcB75IMagcyKuXEzsR7ZvTeSbEfpnD8Xm9nNCm2i963wrdis0knWBM_0rfQ84S2CGtSHdTEloQEbx_UQ6TV8msOjnAdifKOvYkT6wIpVAk9efzvaHI_JsKj7ZXPKIOubC5QQDmOzVbYPQH3y--2fpJ9hZS_cuJ4rvYF3wtXRL4Pe1GmkfyqXDxz5ng8VSatdJeNBG5LMY7FyDXEJuakqFxzBuMyTfI1s4K5OTfZeF11ik1kESD9y27WXIuiQd9NYWS6BnnHAb7Toa9fodUF02TjfUXpnMURTYqtxQsA4iWGnVgo0ddp7KE6UChJrQn9O9wZzQEez1OhCf64PQ1TqSUKsYoWMgP468P6XdZSNYpQsP4mDVnDn-Zlgnkc70mK_kBCEqPcDpk6eCsPMO36r-Erqy83uN7ufsBwmWbsJMXTsdvzvuF0uuVuWfi_ueE3Oer5--NydJWX7e3PjBpyW72MnJy6CMu7o6nvJnyTqgQNB_mopXGx7grstgQ7261nD_0MYJD5LXwf_k4Rycdw_FB0tNzY6wVTv9DbfnMT3QpWlSi2MmMHtX4OQmWnNA7TPDPeqYyicDkT2StM4qH5CVy936ac8Or8_R8s-meouGJI2twJjbqiEpgUlUNGLIizDuK7pTdboYGFk5vLGRjHbmrSrhBh38YzZrgEPMCS3Dd4rE5qVXiRec6q_kLA33-e2tJftYbfpJOB59OyUwJobZfpA4YonS6ELZ5mDa7SYy3rh5BpLEYGZDQxZNyE2H0-EJD9QjrBHrZVeg0f2PVwoHGZu_ThMqf3AHr3VpeST_KBCuN5LFFfU-hbvrmH42msLYqvf9Ooi-RX5_mp9cCA_nVvSlFR0K8yCXAAVRAHD230IO3Q4hmTRwfxYMfi2uU-zI6-3M1wF0MsxU_hN5FTFDAcv5qte5kpN1JmW113a-bgO0VLmJWZWzB&cid=CAASEuRozINt6T4nBMVO3GxR6WAOiQ&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 36B3 41 KB
15 KB 190ms
33ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7FB4 1 KB
749 B 24ms
24ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17768
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 9D32 23 KB
9 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AID-rvv2fVKhLXb8WD0X9n-us2CSnscx_R117hkGwZ3k_QW5Ia8S6lCE3KdS27wD4_GdX2Qi0q84SpWn-4T7FSTrtsouSkY3nWs6t62AiTx6x11YpVomUDT3UZMQ91e0vuGXO7jKNALJz_dPkw9uL6zO2g-Q&cry=1&dbm_d=AKAmf-DCjuvGE4liROyuvcyOy9vbzKIWWcZ6aMiBD_lZNaV5AOPwH3mA7yTq4oitOjusfTykS_aUeVCUkOvuNMenBpz3RlS3v2PkZf98qN7l8M8ulrT753OQaQFzjZ-VSmZGolr270cdOoynTscy50QH8zmDKtz2uhxM4MkBC3nUVuCepl4LesNVIMVjwtzJo2sgNe0N79abcI1iXXF9m-T3R03cYPg2O5LnqntbOJjqF_2yM7URKlZXoHNcPfbsGoefP948fxioyBu9AXFQGE_9r1zgdE0JlyqyY9PRQO7f5Tqbad4YFy5VcBOBmjrKoA21e3PKH4BclYhIX9xYedS44xVBOuMypU6gVHO0RFp1IjIYy8ShX678JeCpKCS_TzqUGwgI_cwskCMFFXFhrnY9aeNf-1lRPA7txQft_PkAA2zUKxVGR7omCYdbytMwVqgrJhi1dlVJOC1u0KYKS1pKvtjvSCUIsAXUq0tfuCMFnaj_Nbhd29yGvkV-5Njr5bZa17g-dWz5NnqSz7V_KcWojLXNaJWpftjvLw33l5tYbBfJVkZBTNL13w9dhlXJv3qp4weUF4qggzBpb1MYePxmzvBrY-QGkCquAhpYLTpOvkjk73NRQCZy0cxXj8b4jDG4HUUhDy6gAlPE70qy19Z8TwAKKFW6CPdGMP-x7ZV4Ikl_sRqmUAsvyKndaBwNlnipNmxKy-k7vokeAWc1PmETx9BndN_XsyxozvHbQSbqmw7jLkRkqqdtkHo71aOxCFJ3CWFK0K28KG36ErUZbOdlFHme1wfujT-uTkxXHtQ4O4MzoRzdCO860wlvcLWl7WA_LofK2Azz5JVQvel7A1uIjb2BBMszF6ow2f_B5jhGVQkorjIyzjSrdW-1k491QmZEuEMZGWrxnzZTZ7v25xTarTLVxkg4rXIKhmj5TQTKRUEr-DdZsSfaoxdWch5q9luOG0SG_D6LXnATUUFDo7J5DX2ZB2CFL4LvBAVyU8Pu8tTRORJGo2bc58M5vRHBLpMUOQfK_crqL3juL85AQYQjL97HAXNpHoIr6bOfodGe8VdVja-9StRmDkvMv9AbCVsXsCK1IHyvtVjLcsVAcJqTFJRZZ7Kvfo9UKsVcZMSyPLr2KYER6GvdlsvuhXxoeq9GdhxfIwg8Nkmy3qGWGLGMS44caRnXZp9ol1xQFQ_YNQOhiSAY1IQssdUXRX3zYhzUQ5kmv-iq4oU8smFZIhbAbwyZkJdPdLegz4nrisQhF4_A3mzjtxTe7PRrJiJZojeMgHiAfoZPbsbCUIPx9rM6pxUCTGk64UJbFLj5T3JRSYVbuKOrr9oTvnuqZWhI6wQc_A42ZSkx4m6cZDAt7J0WRLEzLI05Wvd0ce0GQb4g02UCz-b0pdV6mE3UwfIIdeUbltugkiqt0D0DquqfPbfGuxGO1g_aGjGGrlQPwlPOG4zDpqbK_aTej7WiLqs8dZlH_31iOWXIfkxeRQlPtRiUASK4YS6wv3XQB-XLunMN4LoQxgKVBur1nUrIpepVTPyYx9p6P44sdhe3vglqLm0u6tOokgPTxUyRXQ47jkfIHeU5ZMzBktuo-e-uC6G_36NfUl5MZySQIchJ4H5wFAli8U5Ep0bxTM6qbaO7IXCo7xApcCqif3yOxgxuM9rvTxUZaFyecZvz-5OkNIClTfsRXdxnwvqHdzxOkrdMktOfoTfG5do5dzXBcWa8g6OFTUBoaRXLS3zK7X7sk9QLFaBf-5_-gweuPhjYU_7lLgIiET-wNeeuKy-fFIdOg_7tSIVJ9ORqHMEy7rpD0zNf8ss3S1TIh5EMnMKaNzJo7h5xBBp6Gt1ORettdVoV0_8WYHsY8iSpTAKBJKQERgS-oljQDhXCimIBCbCTooCkLdnSRfNbrobZhtUILngW52nb6SEdMIKGROoDnzpOcNSIXtdUMC_Wzszp_cF723FPixTsMtyfmpl8POlWk5cEL8o1NtyPpECJ0RTBhEQeJmzpYPl-1Y6DwCLcmAxqArb8p94KxTqIW8KXSd1Q66bb0TPE6PhMaBziFlgjpFA-RAeMk1JBuLyu27nd6OXJmoKWuazyCWSHtX5OX5HRQ-KZ3Q72z-LPt5TmKgTJPEXfVEnpswKP_ueWTpRPSiIY8uWNWayF0Az0d8Pnwx9X3FGe5w2eF1rLxcIFTBAOGJqErR4Gj59S2ie_a2CWbBjIse0E4jyICDrpM3bgbTnsOuhmgfJiLF296teDmla10RCQtUJmpgOTRCiBqVz3G0WEQmPSTDTIopCpjsPrO6OC0vFhVR8X6lzcyr8iP6FMjRd151TOgBI_1hyzLcPTT3tz-XsKWo9-b_J3JV1rdyPN6jDUrjZ43kwepvLz8j8lDuCM4VJ-06u_YZAPmW8LwGYxVxV0wlV8oETBXh4599Bi5rv7Dk7lcgMA05PjBc07u-DhFOV-cP7X3qrLPxXiVw4yS0ASm-zvmdcMERj6EtY3QrrNY5aI5g2mPo6nDWKBxQbfQIRTOFKb1YmUEjUgu2qrZ8gkruW_NoQLiMo5NBiMH78cfK1MvFSxEZV68hPG3KnG-9aQfm2hGACAnEIx208kIO-IOwpODcrKM04aiVimAADCAm9QcadN-Q5Jg9AqqEodvjykbFGkO0vo43MKBH9prlnxw2zjCd0sfMrkAEFdII6jJgRApKgddQ3pNTAvwHJswykktSWQvlI81bI0ai6wa4Ailztdu6MxEDPPrekM4jM_3SNGAzqLTkuCku211YImardj3D8GAr5eA75WMyr0aPRqRJ8fw6SmsUg0OCkNEI3iG7UU0AuM0NTMe-SZrbohSZWWDkGHmeU8Q9R7AvNXIVxkaBPNlRWmS6C3R67JHmhSJoOecZ46WnS6XTZoTJUBIriAjCxfgg4hnhqAZ-mgckGaAd7YUZ3TJ7tEzO8yX1VTJSNEv6luF78QactAo-l7idPEtWBfgvzzsozoLItybesVJK0Lc6jQJm4CNNlhLXtfC9-3D1apsHYgYTgt4AA8rlwJLj-wjE0365twvofBS4Tb1nnDaPbUf6F4m3Lbx4txSlyJKer5t7xkAby_LOIn7at__NjJmYecaRm_YGJPaFEjiPcYl9NGNDGxY11YapgczNZxzm7Yz9K_b268Z5h9RqOw-LfZ1cmsaztlLTdUyfVuZ0fIdKqM7J2ax_aCAgznOm5K6xg_MmWEigDe5dJZVsmSsjRcdkVQ6lhOF11qEgXDbuNYUEN2UaxWnbkwIsFMgIFXvb8it8nWuI1T&cid=CAASEuRoSjYT4YUzqikNo94SJ0xR6w&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D32 41 KB
15 KB 176ms
28ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame AC46 23 KB
9 KB 27ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9xv2qBHCRu0kN1h0zmVa-V_d8sTzuqod0z7xuO-O3uESnBdPe9rS7nyGCLWn5JyC51uHqQUpELiZCxtlCGLGKGfXTVr-U8DeuJuVhE_HFlsrGeatrrhES9uk0ykbyI_80lIk4G6CfbGkTH5C8EbWRYWPgFg&cry=1&dbm_d=AKAmf-DGxJQ2hEfAripA_uirjUWPjmbD4YRFXJWozAEXNlN9x2jPOBtYkNz2lpCglu41ezp9FgNJj0vIav2KZP_81ax9xasoXZsJZ2KJPZjc9R1H0__llYEX6hC6Ly4pvgx1oOe6q1Mdj3Rt0cvR5at-17Mr1VYv2Zvs0Mlmgxr7gU6OMmSVhgV40neKI3IEbmKcYnWp5HI5GU8-G56Ms0_jGPZHz7keqPK_4AFf0eK289WnuWsulLz74UExMqsZSqWnarMCZE80gi89xP2PtQ424p5F5MX_o9trIGGFRambDiWm4Xz-8b-YoaLFKm-fADk0_DM0F0jyx69NYWNepTQeJmrzniIidWmiNtT9_nEdg0vCce6Bs1zLWAhagNJ7QANoBGRvpwSw3llkdrtf-KbffNDy1oHknEgAOMS1F29DdpjCjbKDL1nv8F7bL4A7TRrG3fvZibzKL-1wTWntY_4-Iw1mvOuZ0o3E1YPPombM2GQuawias2Dn2IoYCRPD8XLuvQEhqjyx3sb3VOKhM_58AWppPRxj7oybx_FrNN_7iSiL5zXeg4T4iWCHRh4IhnG-nFCUlO49Xu8_3G9OkF9XuHuXwokEk-FqN8jWlVQ1xhkohDDXN7pGZuA_X-Unh-8ZF-5zbg_BA-2GOKeOtvqYYtNHL6qVMZeS2QYDISAm8jDtyNXHpY-2QPkGlwCzUO0JDCeIzoBxp8ETamGZ-q4BpG9KWi4HJPZDw8sFqQuJ8tJxwps9YP5K2JNsftXyuZJXoWZA1oHIPnZe8H0ZQ4SpPZvW85OxzpWSbqWKB7OtJYdAQEZUElzIWglSHkeMNf2hV5fD-W4O92dDtfVtYL-kXx4QSIqD-VGmkI9v27i0r_KVBGBZx-Cu8D51EpVUt5Y5emARwug5m_CzERE9sjP5ohmmGGt311ApzKLruEfRN6YsrNvisRz7AzN-Pww0yXRcuFDMTmJvf2RT_IyHzSJLVaSIOKUNK34KJNCekz0CD0DkyUZb8zE1Sy2f0HXrqVvo7HxJ-yvfMOuoeJx_UAW4IoWcagiMPz6mbDKPB0QtuSo8X-g0Ij54V5rEq971jxTnOGhlPCC0sPUAF8SA7SmjGNlLME8yIv1aJCpRYJ5mCtlPWZF3w3ryfNkYuS93-4MzHZQZFQwABodHKrPAJzkWXfhbiHQjloqqI1ofM-JGgEFrJlCsVj8_rNTA9mAVWEaXy3qH0de4mjO5xOv5G_IdoaQlzzvItnTCMJKSBIQkjl_ngisFkRy7Sz-5V7HoOe1S_HCL5SgjF7J7Hro2TP6B-IXFjX_3MWX1VFJcNrnsCw05zdFUVM45lpogeY2a1Wo1rburF6u5KPAOuMzO06Cjio32ohEWx3WztFrYBmg4z-mN1hXqiGzBtxcO3fw2ugHt8ctpTjd0IbPczpu3lXxVvofcJ9v_ROUzFWwe2Jy1avFADpmORKItF-NI_-ePLQq0vchg7b5QSQlLUzgCcYtGXh8hJoum_d0d2SAfU6qx2N8COyZxh6fMW3vZ72K0Tgh92J10DUUzOxXOizzXh3Wh3W0dS5pIpApbllZW0YJw0EHEN9LIGiAHkY84ByWVRNdYYqjFUNoIUzSySKgCYzZ_0OQtotwq_929juQHtqPwMwNMNVSEbiCcphxv_8koWhcUQPv0YaDBovTVqeSy6HaqFjufX8OEXuMT9F4Cp6g_lGddQSWKYpLx5paA3J8dHL0fL85T8b-4iVCBS5dX7SbMGuJSAzRTIgDlD4Dc6oIlnukwdKEeR7h9PhrgtDqd8o5sacFw7GCTl9BmSuZgqtvff-itXeHdawzH7aJtSrb4uqlVGdM2A8hDesNdiRVSCOZhKDfZE7-ST6hrOuy1Stf13R6M0pHnY2pMDWdwTEK2wbARwxxGhXbAk73sN-yJ0HaDlX_qXVU0qt2ydShNLfViA0N1A6SMl5bN2E3r0wyoUbyzRgMWn824XAGk8DQWP62a00jVMoX6g6piyCUIIrong4VHpjZwBGuuUXkzNKiR4WLOqA3Myf6DfX2MqSyiIEFbs3u5Fktx1AJNuBsbNDejDJZ9QMr1h3VkpQw6sjtRHd-Ly4FKZ3RCclQT4v-iJkvT8HEyWstATtunl_6DvI0o414iKLGCQlPCKXcvvQ4s6z4TTyl6g6-oWX8GqBgQ2wA62xcrPtm7mfQP3dhOu9Uw8lrbDcqr1aZiH0e0leMEhJ9owjOBUP34kbGz7R4exxmuvRe8vvTp4xDSP2aoFjaie9L045C5kJty2DT93fkHvEe8_xtYGief3hQmisqoqATYiX5rWilQIZvnVCks_ckOFAr1su6EJ0xgCsAGDQxaHEPjYgPg5ICxewmkAayj075tjIKxl4EuWJd6hdPwI2TLn87CUebN7IEMqOAHNNS15u7oKGPa04PR7QRlY5Kxtg0xQid9CYyzhU474s4hqX625USFThFfOiyF7IeEg0cZe05wEuj3KVau8ptzyVjSCOqQ5IxqgflCRlJ7VirIJTwuf88eM4LkIJGd0xN5Lp8eQaDuBwQrvU1ex2a7fgGK6ZCKXxe3gAK7J62Xg7newcXj6d7ML1ldSshZypko6soIE2Tb6BaSrKiWZC07WXIEojUU5J9G_f3TfemECfeI-p3jaif0KUM6dquExJHF2Dvcwzwgao1xUYXbWf_RJ6fMYctGSSlQkc1Q9N1j6ythUrfJaCYOE5eg7Ao-Qro6YyEAj42KsCymYR2BMFah81x1Z0Y-L2LxkmhRSpRNbAtDBQTkbVnmxS10gQ3JXNJFzXzoIL8LAF_SYzCSP7cdEWwFi4ifXDmiNzxPfYMxOWuLl1tw6xIuRekF99Vqc6Cc5Ng6EJwmOXA-iE8N08YbwDTGsTNespePO61Gi7pXsALg0d4gBGujqdt1K_RHoMHLdbBDaB0_nt_L7tv4IQRH3KOJznljj53xW87ALdCZOKt56JboDfAUjWv4Bo9AxQIkxryIrafptsuWlwqUsB1g9Tg3qppJE8nGA0hww9BQ5aKUp4y1UgbFxNtJTDNsnH5wwK0dIWkWjlom6LHA3T6lG6_NIgPxGhn2Un0C74Lvfkpn_ybME1jfkS6qTlGnxDlt7AQpBdlHSvSOcP5x5rG4DUuChVgfn-7ECOCZ9e0qF0P14Q7fai3MXUMZrqEVansD7_tyNiG6lX-e9ZauiHQ89nDNB-6aWOiPrC-3n52F9HvUrMZ4WWs-ryLjFlVNHvhthdftpMLOWzWU1hH38xEWPhpPkN9_-pt5BvTW3WpSLqCGcrgTwKnixUMKm-pT9qycPyqtpKWB8qVF1e_KHN44DbpGnaZeZaZKuxs29hhdhEi_iEQFnQXU2jGe0lpfx1AHZJRsOTww8lHWHMxl370e-oay1TNeZcf93McRImlnI0bBCsES-Gaa0Lnrb9XJdNghB1BVFturCfLlGILTp-UynIPNxdE3-o9AiTQLF8Y_DKob78nFyCQtJV0lJp6qvqyrRG7FFQXCWGCI-BL0noFYi4wMfetPMzmcEozC&cid=CAASEuRol5xsMlLSyWocsGx4IMpz1Q&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AC46 41 KB
15 KB 193ms
47ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 48ms
48ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=9&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=32807cd0-371e-4036-9392-7e6fa9904f12&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 57ms
7ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=US&am-uid=897932f046674eef8555562ad3eaa2e1&cet=9&zone=45B41EFB-E90B-48C6-9279-355D175966F5&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=18656807-284b-4004-809a-ce6dfff552af&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=88b297e3-b1a8-4dbb-882e-78a61626c6c4&inst=ADS-EU-6&ts=637707669039410148&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame F840 23 KB
9 KB 28ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvOyhagneLLS8wyJnufdk6pOCv8p5_lpnQOGfH_Q3GevK5IASg2vKbGczDco-1Lmk_8GgI2dHQ7cAMgAikbRgczmgMPwzIWI_0NwhTc9jCYiIkjgev9Xt71juFxRfDT5ZyKMi9zyZWrjvjdU-p4gJIYjzi2w&cry=1&dbm_d=AKAmf-BKwcBmwEhHaYqB9hGMtey83Mbm8OrnM-7UpfS7y42FSVrpVBgUAHyjr8JEHimni2_1Wbbvj8YEA1QlhtPAcj6PRC95poz_0wxbwJkTfoaMIufk3abxAtaB40nFaG1TXRI43QmOF73Cik8tGMzGpf5Fwp9r0VmLZ8rGbnpPnWIh1gBfib-Q4B4gVGW-kgS3YVgh5MfxX1uWNKiegGGfKvjvXcpQ-i19tfML27ZiEN4WRy4embiYkLo_QjUmcpFnjLreRXTPZoIpsEeTGP5EbFlgY84MiPPGw6RVR7tE8wTnud-nAFcmR-5RNUA-7OzPJE-9RtFPWB1nX73VDPX__V6pfen3AYeAFKWVKrLZ4Ev3UmHWWkW6bwsRw0SFU-TZv8yawF9PJmRCnt_b6qjTfGU_jwLGosrLa81zNBwHj8NLrpAsLNDR90EAzRg83eH_wSxA2A_tA_elrPA0MubXfnAWgqkIc9rlS8N9-o1sZw-lKM3kArduMTABhMFT34Y3Uh2SpOMoEHmdRNLSU1m7cM2BjZWImu_KRH1NKMEeXDGWvWTVqc12VmFUTXGjqcKxQY25PCC0ZmM0MbDyq6czuKZrZa5sWD4drehGEuuLcIJ0dj_fjDqM-b0507BxnYJiZqqBjESVayf8kj8dthcjBzkCLp1pHxkCdHc7JTqzDDULrbCiuvu0UGJMCVmEapucZQyoPiFr13Cn1Jt6-j8xRz2OkmNiZyjv7RnJ1F_H_91nL_Z1tXePd4AZZQEq56k32Bg_htiYZxx5NxqBwfo2zwZxVMBKlYtGTSxH_9qZAICD94v_VJ1HkUHFuZbjs5AwqSPNZPQHH2QVbmGAykn5HvYPUTyh2pM2U5kWyEb_IrvNIo_F7dPEp9tHbLM_QEtM6TpqT7Q9DSS_wlVwyy2KEg_HL3MT5WlOQRIH4d_rNZlq9XjPqnE52QeFNV1L7FGjZarp4Y2DEMbG0cHgPlfh7DlgRALui-a0kCLkzqo-g1oPlO0n7E0U2J5g-36_ibouVbiXP16CwhW2TXQfu-11kDwq3mbgQwH_kr_W3PKBqoJkSrcSdZGn-RKKx9yxLzhVS4BzclTTfvnv3Swn6xNH5-vBwlO5a6dv_GV_Ud4ad6mxgmcNsAQNYjesfFgpBULm2q6kGm9r4zWfWd6K0cOL5buUHxX4unQIyNcMII9RxlSFqmMVD-I88Sgmf55fLAkyAXe4aF5tKtLUlb6WnmTR1PpF4UqWsKOo4hb4oxt7YpM_jnC2O_FdYYGpBAnBY4sbLf0fYXKqA1ZIZBdT_rabxZVmWAYqZnb7BtnfFhyEjRf5--nBWfvD0RnJEmLq75J1vJN1oGVwY4K07zbMLaXYAWjiNHHiFp7ishoSbeR4HmXYbUkxYjBeXKkV03Rx6ux8HBMtSVyENZ6cZF8ZNqFEf4XJT0jbyZycNzAQihnElyA88si8V8dLSx3w0i7a9iUZ6a-FUc6x5qIApGYZ6R7id149qRqRQI-URZgoBgkZ1gVfMoqIkBVfBDXbd6av31Ci5gFY9jzENajj7KGgWbQd1kDWi5Dwii5NYZTt_oJkdZGYWodbIpWLWg7AbqeWX-rkv_JJsCkZ89c5mEX6uFR0DuN4kiLx8F-i9vN7F9k-VnpPsqoF-c21zn1_N6Yf1K0qOnHuE9E1m1Mmt5d5iv1LCPQzWAgaykftKYPrCWYtYq2IlxhP3HB1RAgX3DaFgBoPtP5lC5PynyRwNDNs6c5Uo37qSt6nqCxBa-fyrQlScjvKVk9NPBcu7Qd33JjTVHlNagiF5UO9K6NtuUWwyXKr9zwkSmETxSvHSw1v4hwAfEfV9YrYG8IJu4-Expa3bFrMBiLCJXcSLN5tG9DHq8OJT17RkeDZqmfGZOE-F6DAulleKyvbgXLJBVKxFhfWz-r1Tjz8TBLz_cOUqrQJF4MAb-tnm4EvFBzBEysKD5I9qZ4LkMaqfS6Jun5dnV-EPHBar00_XEBpMw4aVJeHsczjGLmgo7MWKZaLGoAiCiijTeY0RxkEgtL-Anp2Reeat-cqaHmzkQIPrcVji7Icop3CgKsonRvXJVZDWRO5m5zIyUu94_myR-evnCUojvZqrVn3k5jIy3vZYPwKgJJ-FCVoWXbc-vjI4b1FcrrWMdiQ8PWM6Ri_rZS0TxvfxocyIFvZxzXZsNgCkyBIHhITHiW2zb0grRd3RKyyxPD0SFEs6Si-7x2w43-k767yu6By9f6E-I4t7GIjhaKkO_yC7TgRQqDa25P0UJpcGNt-5ZyJp8ZYFgqfNJ9v1HmU_p2X3WYULyjkrMzQcVBOUJEuwpv4TMANQA9MMVz-gc3sjEQNCoAuoT1wpDU6aQSAzZqwelwLVsxgNj66u1_IDypYJC7PNxHp0A0nWYDAVHEn17BsFfQY4iYTIBX8XAcFCIvKJBbiO6FU6gxaf8WddDQAZTVQTIeInB3Rs_qjqz92DytQKh8Eoub95zTwPazjxVQshli7_Gq3iDdBFi6S1CSVgj-OftlrRRzU4_egAto_IDCD6MZyu3lQj716UOnUIL3KHPcRWTy7lRzHtIAkVPeYJ0AoB46UrrffMXd6txzX7HAH0D-EjJpNdE__MO5tYfp5LHaSe2mWFjlNwMe5AIU69LbC3JGGE_-SoaM1EeyQo9Kou4ucRh1pzEkZCZE81I28t9m4XJW8l_gjqsaJsU0mS8NApZvX6_cqlfFu-BVP11M4jmIbDQmeMmkYoOXkJy3MhX88jII3mjykL53Mr8CC-PbmXe_K5c2Ysw-BEAaD00Pmebuke1u1uHqlFba2tCCq_ezJDWvY8lDcEmgaqKSycT_EIZSWMwzHgtowuJqfoqpZz3x-1gW-Eie23qkoGjUHp3fOUnl3AmiEO2PIZGD5fkUcI-MZ__Tshgek-OVw2k-jdfC2kVmdUWGIy-STaJ3MTX5NJSFG8fHHFuurS5eEnDzc7hrOpCwhXCR7OA5ZVWyCiCi0Y8qtVnhrgg4K4eKwiAfLEtFpsrOjA2QWiznwQesUPu8YHcR0VXNiZutsEdcyw0LxUwBGCLpUs6czXSwTJ3l4olM98CgjWOroCKvW2ADD67_j7p2wmap6jDNf-YbmxKGa45uGbWN2WkG9YY6lsycEX9OIIhb9fLUln4KFGRIshkExDssLbqCQynO0MZZeGMh5NXaIHOBfNT82LA9rPuTNN8SfJpcGfuyk6CBqS69WfnssHpj6MOyIxzB394eHM2PupaoxePN5Rb010ryN8S1iSuf9CzPk&cid=CAASEuRopxkbI6x4dTX9AoRNr59Rtg&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F840 41 KB
15 KB 190ms
48ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 150ms
105ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=371e73f5-9f85-4bf5-a811-87cda8e1dc6b

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 124ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=6f66d37e-5989-4e49-8e9b-1699cfca899d

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Oct 2021 13:55:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 container.html Show response
4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E2E 6 KB
3 KB 22ms
21ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 25 Oct 2021 13:55:04 GMT
expires: Tue, 25 Oct 2022 13:55:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D4BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
1014 B

21ms
17ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWhaLfbGnWitkaED2wLLOyCmXoYcKE4UH-xtpPpkYvKlC4rxdWVDjpB5VB2To92b_Ct8Sm5LGeJiisu6ntOOq8YsBm3xq7mirk3PZPbUXKrr9ji_WWX1eohF8PZpavY7y1eBTpVzj41AjgIATTJQoDDqd9uQ6glUv2eS-_ba9mDtfvw4Fc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D4BE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
894 B

20ms
20ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWhaLfbGnWitkaED2wLLOyCmXoYcKE4UH-xtpPpkYvKlC4rxdWVDjpB5VB2To92b_Ct8Sm5LGeJiisu6ntOOq8YsBm3xq7mirk3PZPbUXKrr9ji_WWX1eohF8PZpavY7y1eBTpVzj41AjgIATTJQoDDqd9uQ6glUv2eS-_ba9mDtfvw4Fc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D4BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

0
578 B

7ms
7ms

Image
text/html

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWhaLfbGnWitkaED2wLLOyCmXoYcKE4UH-xtpPpkYvKlC4rxdWVDjpB5VB2To92b_Ct8Sm5LGeJiisu6ntOOq8YsBm3xq7mirk3PZPbUXKrr9ji_WWX1eohF8PZpavY7y1eBTpVzj41AjgIATTJQoDDqd9uQ6glUv2eS-_ba9mDtfvw4Fc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fbd61f08-a329-4bb0-8f7d-a811481effb2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4BE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

170 B
188 B

42ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d0d667c7-42ef-49ec-b04b-e48b7c4d0767
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 17F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
1014 B

23ms
21ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVAyb4r0rL9gMJHTQXwZTCT3qfVhM9ElwVI1f7wVJWWPjB5TFS3JsCncBx87LlenBRpK6Vduh3y4UcnIz8LVqADlrySiWRVa9GeNwX47SAzLK-18Ge5e2yVXhUbo54ZCRdKPgBHIPcFYrnnlTagc0f7uOT_1hZZg7UPtCvLVqJsqdFMhFY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 17F5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
894 B

19ms
19ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVAyb4r0rL9gMJHTQXwZTCT3qfVhM9ElwVI1f7wVJWWPjB5TFS3JsCncBx87LlenBRpK6Vduh3y4UcnIz8LVqADlrySiWRVa9GeNwX47SAzLK-18Ge5e2yVXhUbo54ZCRdKPgBHIPcFYrnnlTagc0f7uOT_1hZZg7UPtCvLVqJsqdFMhFY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 17F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

0
578 B

54ms
34ms

Image
text/html

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVAyb4r0rL9gMJHTQXwZTCT3qfVhM9ElwVI1f7wVJWWPjB5TFS3JsCncBx87LlenBRpK6Vduh3y4UcnIz8LVqADlrySiWRVa9GeNwX47SAzLK-18Ge5e2yVXhUbo54ZCRdKPgBHIPcFYrnnlTagc0f7uOT_1hZZg7UPtCvLVqJsqdFMhFY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 42902d83-e7ff-44b8-a4af-b34cefa0ac8b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17F5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4NTgxMjk1MDcyODEzNTQ2OQ%3D%3D

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4NTgxMjk1MDcyODEzNTQ2OQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d22a0512-8572-43b6-9837-3525659d1152
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4NTgxMjk1MDcyODEzNTQ2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 98F0 114 KB
40 KB 104ms
45ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:05:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 98F0 8 KB
3 KB 24ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DES0qbQJlwy5ImZ1bS-TESly8z-4647YCwYN7xi3YeUjt3Ojj7N55sdPngHPgaqNYjhGMYEoL_ot6vTdC6sLbmZL2fKDcW8BXNpH3t65k6-ZSFty_KSuyJU12K5AGlmcGQ_cmewtCw_V-CohUpQpAyuA2Tvw&dbm_d=AKAmf-CvIMHBFWK5VWGcNZryS9r5zBU62Hmh6Y1OdylveSxEKf1fyA12h4fS-YkB2blTF6n2XK79p4rF0P4bg1TcNnjlWNF17mh7PXqX6z67Q0f9zVbMPbSwEErN2z2G9fowfw9YfbKgzILBbYDF9-eF6pNlfpAZEI-rikqd5Hu3V9rzz85JVp_Dhk7OSuTLOEMzn2c1ogqyTizugE3Cd9_xKZOx4VBnWp5O7M2YgnZ2GeN93-DvaYBZqZ0P65XllChKYrE-uQHrPRFOT_2plYahmj8smka1c1SFqk1cyU93DoW7kkA-_WfUpaWpYEIAvVpu6fdNKJ3aUQHE5vYSX74lyfCpSWN68a_g6KTR0Muy9JLnD9e83GNkNiX0147niiv03dr68aaaouZIpzDjQna84bJ1JaGT-7KoWQ3FAlZkHyKkb9YzTBHDr31U4cOhEzW9yrFXvfYVA9QGSSITfOac7U-gLXSp6yhG1W94NWykTzaZtru5uXoAEhjdiwluXIMOgDA-nBBs3CIQh0eyBEq_NTIKTQ5jvamiZwS0c-LnZHUKKv9GSaw0QRTXBRddih_qOtu8nsJrwxit64sA9iry8i5JSSKAF3qGhkKvLzR7wfi2xfKkkKJL673tRNMuUFdF2VBuzhoI4Y-awnrNnaX6DnsbQ3_flNetC8YpG-FOejdfzAab4tjKVqKelW--eGiE7XMCwvJf8nkXXCIKypqsSKvF_gz5ZWrncLg48egNRbdOGkEbP_I4znRI2psMRKDHgi0XFTnzvNuWagAcn3cnNlty5iizBcDqAEL1WpMCi4YGRjzIlOecROeke2yzNttJ6eWa7Hpj9Nl4JFuRD0lPLPyUnfdjuaRopsvTsVQAuv29QOE1qUdaiuhYqPamgCFAPF8wM7K4ocgaocZS686A5M7cCT4dV_enlpmrFVHaXYmFvyRFpKcYGZ3n9JuhKiF8PDePh9JgX1PkevKz4Do8MNQ2hlProxpW8_o3w-wb1Vf403oKSEq-9S0BfWRVLQmLdpMR4GURozl7IILFjvAFO_VAeWEFgfPnv5yY0PgKNbG92ZfhIfwgWcclmxhelpemhHLm4eOfBt_wwPq7IdYZOmGlxfwuqWrA1GAAknyCBEEXiMkIOTsaAcPQdA7z9ZjhZqPYO-zr74z5WLSjcpveIbUk-7RJnOq_lXS3l0MhX78x5_RxFUQBe3_DE2-cO8XHQZQ5-Z-H5P6k3twne5AfbzmDHP-S2CFnl7Tgt0-Z-VHb0WS8OQVxyfsSrAxn4QFZPOf-HnmdSBdgsubPs7gQi5XCmjHgdSOecvvSQGRkKSF4wElZn5ghJebiPiFtSE_AfMfWK5D_LXmLX-a8yOQSdKMQi7gS6q1TIfk24FEHavca2qV3ukhVexoheZOPFLOyRcGkci5I5gvTg0R_HX76G6dW3dC9pJq4W_2xxLRi5TI-f27Y_sgcB6jwUVPYQZRRmF688nAjVPJd-VKKaKewJW2hUUsq5IShE8FpWVlaWZse-DSYRay3HoBfEINMy7WhUqCTKqg0d-VBozw0_b5j3RgI1yF5ORuC6KVonZyP7b8MDRGj7Hq5BUUNdK7it5wW1ERtIQYFP0pr4qNoFx0XvkpbdPHFAxSienDKK-vkRELXj4ink5wbKbXaNQqcf5JhGGnmnaHM7D7nVwTyYAft5wD7whHku_m-Oe60H-V-VbqEe4aPcwMTQU62aHPVAKj9X-KT2QAFHiC8KWR26eDZGWK0uPJDMSsNta1cbvHCJ2u9AsBLBintF9QLoNoJutNNH6oRXU5fQ3hqfDa2hFJgkQFG2NiyvLPQhrUQYWd_Go9EP3DI4SLWJHpXXIBVfx26X0GeJV6gXNOqO-RsYbOydT4NE0Eg5ZqLUqwTdtLKq57zT-lCViiJ_8OnSidL-pSsKwoLHHbLqYSmJG3uzL43fZ8VW2SeyfkJw2bZiowmd9V8_7RKF-gUJSStITWYpa41OyIXU3HrrcLJwcMqTZLeV4GLl9cxnZEuNAtx9mNlJpVgJIYcy-ZKBQXwPDXR8DHawFzn5AJ3zqsoKW7r0mLc2kUmoib9nox54_jXnYoDfx1IaE9YdbzlA9UrWiImgqqhNL9xJIjSomF1gnpOT3CLtNGOG9Ebkua4KK4MZEVU5f5qsTEUnhcr9GeCp3KRUtiAg8Ul9pQhFMFG_QdqTrJRvbBWkxjcYDS4TjXd0chPEQMoWL-XsuaaplAMIobSLgcPHiMNlup68ap7MY_ud4DxXM_4znRVwkMXtoxn3Kq1VuUomyaauGikHebRzQbdWKnpR75oEC4CqKs1BXlQtWFcCGssPRBW7LxlNT2ImOLppjd2OBViIJ8qOo9skd3JnUvwI6W_B4GvxtFz7YRsAR1p3E4JXX5xR5WmzU8uh2EDStgLT9V_mo_xkSC_C0Ejyy8tcM-zWBXYeriO7-SSCHKE0eM_dFTgIUTidrGpZfAzqe5MG61gSS2m7c-TEGPCxRlkWleK2FBzDvHR1mzP8IreN6GspYVPbLSloGX_8k1VI-vSdpfXJ8J51GsqfqjuAP86qDr8tXtLedx0JA_49LNouMqvABsd5cARHkeyvpWQHug1xIXgIfrHOdiThI-ngWNtyM2j1FJFCm0FUnsGtPJ7nc6FBPKbS5jISPYBYP_8oVdzZDtm89W1OCx0Pyhm9LFQ0iRCSh8oZ03BzMHWhjzI41kFl7AF7tWOYObI5H7YMkoXulanLp71mVE6dKZ8dkmYifHkCUm1Uryl5oSnmy7w_6NDOaSpKy8y1rJTRMrag2vpcUqcpXWWetWweXktsGCc-5fJ7jp5t4ENw39qSkulQbJlcb0RxEI0eclIKbrZ2aI_U0rPak9Av83fys6HShWZMqafG-wJ&cid=CAASEuRogaYtbT75vQdiJ2di1q8wEQ&rfl=2%2Chttp%253A%252F%252Fdynamo.kiev.ua%242%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 98F0 23 KB
9 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7FD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
1014 B

50ms
31ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXewEnMtG7KX6jixnmL2cS6H9a8fC0bL0pyJPtUNfYjviQ4puPqPjPfAbryRTNLbMetbCzm4cH14Kng7cRLoKpuyaK2udiKp7kDPfAOipSQKJumAo2PMNVXY2Zg3gstJ05us4nDyZIvhD71VMB-7ycKWcYoHtiVQg9eeqC0-bDQq9RL5WI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7FD6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
894 B

20ms
20ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXewEnMtG7KX6jixnmL2cS6H9a8fC0bL0pyJPtUNfYjviQ4puPqPjPfAbryRTNLbMetbCzm4cH14Kng7cRLoKpuyaK2udiKp7kDPfAOipSQKJumAo2PMNVXY2Zg3gstJ05us4nDyZIvhD71VMB-7ycKWcYoHtiVQg9eeqC0-bDQq9RL5WI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7FD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

0
578 B

35ms
21ms

Image
text/html

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXewEnMtG7KX6jixnmL2cS6H9a8fC0bL0pyJPtUNfYjviQ4puPqPjPfAbryRTNLbMetbCzm4cH14Kng7cRLoKpuyaK2udiKp7kDPfAOipSQKJumAo2PMNVXY2Zg3gstJ05us4nDyZIvhD71VMB-7ycKWcYoHtiVQg9eeqC0-bDQq9RL5WI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a8c02030-23a2-4b83-8d1a-2d85864fc877
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FD6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 38daa3f9-36bd-46f1-ab2b-b596ccd528b3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6AEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
1014 B

47ms
30ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPFC0P2rfM5FBSRGoSifbmrxMeG3H11nEJr-MJBkIpvHJumz1jqP1UDhuUY2XUQg9ZG5kJb0Iqk5CI96CqvfSMZkm9VgmXSgbziOjxC0thfZJujPsZmkIhRychqZFTRA__8uTp7rm-2Rd5fbAyg5wPRVCfgE-BLT01SzfcMEiXMuDMBY0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6AEF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXa3OSN6TwXEtyS2mT4VZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1

43 B
894 B

20ms
20ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPFC0P2rfM5FBSRGoSifbmrxMeG3H11nEJr-MJBkIpvHJumz1jqP1UDhuUY2XUQg9ZG5kJb0Iqk5CI96CqvfSMZkm9VgmXSgbziOjxC0thfZJujPsZmkIhRychqZFTRA__8uTp7rm-2Rd5fbAyg5wPRVCfgE-BLT01SzfcMEiXMuDMBY0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcUjShSZnomtWHLMeNzCVQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6AEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

0
578 B

48ms
33ms

Image
text/html

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXPFC0P2rfM5FBSRGoSifbmrxMeG3H11nEJr-MJBkIpvHJumz1jqP1UDhuUY2XUQg9ZG5kJb0Iqk5CI96CqvfSMZkm9VgmXSgbziOjxC0thfZJujPsZmkIhRychqZFTRA__8uTp7rm-2Rd5fbAyg5wPRVCfgE-BLT01SzfcMEiXMuDMBY0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e34b9091-902c-408d-9e0d-0ee4fdb4650c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEESugXanGBJuy97FXcbb2Hk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AEF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

170 B
188 B

58ms
58ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
X-Proxy-Origin: 216.131.111.46; 216.131.111.46; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e323d608-7e7f-4abf-b17f-4ef1b3520ffa
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5Njc3ODE3MzMwODYzNzAzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 9D32 11 KB
4 KB 56ms
19ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9c4825e1f0de44c1e759b1366812b97c7201dd05a3675ebf13a56cc68e459297

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3855
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame F840 11 KB
4 KB 54ms
19ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8abbc732ff697804585b19e5e25ab9492457c1c18097dde77e1bf7df454fd885

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3855
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 36B3 11 KB
4 KB 50ms
20ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f1c25e7ed8c03d85775b93446de73363ffc1f9728c7e0de99c23b22026da6b74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3888
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame AC46 11 KB
4 KB 49ms
19ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4ef8c06ee58291161d8017e8af7f922444324556dfd6b847fcc5c4fb1c39f756

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3936
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 301572d769f8f4c170bcd6e84c92088d.js Show response
www.gstatic.com/mysidia/ Frame 1E2E 7 KB
3 KB 78ms
24ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/301572d769f8f4c170bcd6e84c92088d.js?tag=client_fast_engine_2019

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ed3d1a7f0e374a479fd9106f6b32ce6062baac77315d4729e3e2c55423ad28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3259
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 04:56:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 03:42:30 GMT

GET
H3 200 d7c61941065aa73d25f345fbf993b039.js Show response
www.gstatic.com/mysidia/ Frame 1E2E 130 KB
48 KB 80ms
26ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d7c61941065aa73d25f345fbf993b039.js?tag=video_mra/web_raspberry

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3ca2636af2ff861932313b4c720f167abe05db8e58e48b12c832823a92bde829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 06:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 48891
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 06:27:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1E2E 3 KB
580 B 84ms
32ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:14:43 GMT
server: ESF
date: Mon, 25 Oct 2021 13:55:05 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 1E2E 2 KB
912 B 33ms
27ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:42:26 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 1E2E 18 KB
8 KB 52ms
51ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 1E2E 3 KB
1 KB 26ms
26ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E2E 120 KB
37 KB 106ms
105ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 1E2E 14 KB
6 KB 51ms
51ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1E2E 0
0 34ms
34ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6FqQ81orCkfA5ViU8vHtHixlK-wTiFRzvyPyA1CUx2djqycgAGTqEbumqQAo0qKRaCLTmp99SrpnGDbDRg-CZmSW8eg
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame 1E2E 27 KB
11 KB 24ms
23ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 11:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 21 Jan 2022 11:35:39 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8014 22 KB
8 KB 37ms
35ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 269857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9370
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDb_zLzFisGSPEtgjR8nN5U&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDb_zLzFisGSPEtgjR8nN5U&google_cver=1

43 B
172 B

29ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDb_zLzFisGSPEtgjR8nN5U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNUTvmGrW-Ki33VoaqmQw1INoUuooI3LolUjNnyIlsT50h2XhnvvHS2dChe0hudWUwscfRzc-dl7APMUKraTH3BWCkVKZrrV9Bdv5qGCTkOO-qtF_vXpkZ7qQL4b2rFEErJYxLc3W8plkhUmVgAc65uTauAAzzWGYTp8ZdyYrwNA2Oja6NQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDb_zLzFisGSPEtgjR8nN5U&google_cver=1
date: Mon, 25 Oct 2021 13:55:05 GMT
via: 1.1 google
server: OXGW/16.217.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9370
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0MDMwYjAtNjU2OC0yNzU5LWZhZjQtYWNkNTVmYjcwNzU0

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0MDMwYjAtNjU2OC0yNzU5LWZhZjQtYWNkNTVmYjcwNzU0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNUTvmGrW-Ki33VoaqmQw1INoUuooI3LolUjNnyIlsT50h2XhnvvHS2dChe0hudWUwscfRzc-dl7APMUKraTH3BWCkVKZrrV9Bdv5qGCTkOO-qtF_vXpkZ7qQL4b2rFEErJYxLc3W8plkhUmVgAc65uTauAAzzWGYTp8ZdyYrwNA2Oja6NQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0MDMwYjAtNjU2OC0yNzU5LWZhZjQtYWNkNTVmYjcwNzU0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 9370
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKZnzB_A_aaAYhWKmdQ1nvM&google_cver=1

23 B
172 B

89ms
49ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKZnzB_A_aaAYhWKmdQ1nvM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNUTvmGrW-Ki33VoaqmQw1INoUuooI3LolUjNnyIlsT50h2XhnvvHS2dChe0hudWUwscfRzc-dl7APMUKraTH3BWCkVKZrrV9Bdv5qGCTkOO-qtF_vXpkZ7qQL4b2rFEErJYxLc3W8plkhUmVgAc65uTauAAzzWGYTp8ZdyYrwNA2Oja6NQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 25 Oct 2021 13:55:05 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEKZnzB_A_aaAYhWKmdQ1nvM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9370 23 B
172 B 139ms
50ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNUTvmGrW-Ki33VoaqmQw1INoUuooI3LolUjNnyIlsT50h2XhnvvHS2dChe0hudWUwscfRzc-dl7APMUKraTH3BWCkVKZrrV9Bdv5qGCTkOO-qtF_vXpkZ7qQL4b2rFEErJYxLc3W8plkhUmVgAc65uTauAAzzWGYTp8ZdyYrwNA2Oja6NQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 25 Oct 2021 13:55:05 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A72A 22 KB
8 KB 35ms
34ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 269857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F712 22 KB
8 KB 33ms
33ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 269857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 98F0 41 KB
15 KB 49ms
49ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E71E 1 KB
749 B 39ms
39ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17768
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7FB4 35 B
465 B 63ms
9ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGeSQdwfJ7EwDohvvlbpWY4&google_cver=1&google_push=AYg5qPJX-VgCVSiUpz2h7cfujYTIcR-J3gLc7RQ1xzd1M_Ob20aJ1hcJRaPeC1uEbYqvnb67O1rDUwdnSHvmxSBAuluBUdBOGRAL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECRIh5GEfPcRaNWywA6Fgno&google_cver=1&google_push=AYg5qPK5fqvBtZbxsKq0eaPMqiusscMni3JIeor05IuYZZEvlqTOQX5hj7ArqHajbSMFEdwtIz9Lu6PfDzr7SWpf...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK5fqvBtZbxsKq0eaPMqiusscMni3JIeor05IuYZZEvlqTOQX5hj7ArqHajbSMFEdwtIz9Lu6PfDzr7SWpfgRz21Zgb7ry4

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK5fqvBtZbxsKq0eaPMqiusscMni3JIeor05IuYZZEvlqTOQX5hj7ArqHajbSMFEdwtIz9Lu6PfDzr7SWpfgRz21Zgb7ry4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: MT3 4044 0c7f252 master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK5fqvBtZbxsKq0eaPMqiusscMni3JIeor05IuYZZEvlqTOQX5hj7ArqHajbSMFEdwtIz9Lu6PfDzr7SWpfgRz21Zgb7ry4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 25 Oct 2021 13:55:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_push=AYg5qPKmHQvlXIFnT6xYiAdk86JaAsCuNkKhR74tjWhbSufrNQmrboI1oT...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_push=AYg5qPKmHQvlXIFnT6xYiAdk86JaAsCuNkKhR74tjWhbSufrNQmrboI1oTHbU3Ap4PvUk73oCKak9Wk4I8hBS-F-NRdZI9Kw9Mh-

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1635170106.562462,VS0,VE93
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_push=AYg5qPKmHQvlXIFnT6xYiAdk86JaAsCuNkKhR74tjWhbSufrNQmrboI1oTHbU3Ap4PvUk73oCKak9Wk4I8hBS-F-NRdZI9Kw9Mh-
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7FB4 0
141 B 75ms
21ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGgV6HMvZdINwn0ufaWXHvg&google_cver=1&google_push=AYg5qPLPKu1UdA3zbsSeglUSfYXyobxW5XUUUKl5s1OuqJ3TcSscbad3wfqnPWtGK7jomEWz1CPI-_Eg6mVn9fkt_oh_iC_DFjFc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 7FB4 43 B
548 B 98ms
32ms Image
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEAqzvBbkixL7bcngbdR368E&google_cver=1&google_push=AYg5qPIrpJWU_7FkobhGPkzvTE62k_HwjW3XKknX3HSR22N4Z6RyH5K4qAUPtc5vDB7uw3ENbZgV9hC1qk8EguB6DRVeHXP8vHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 13:55:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMscPp4IJpey82yFNfSO--g&google_cver=1&google_push=AYg5qPJ_VRMcTibTBns8a_jZR7m0XcGuz9hnBizd5CiPD_1x26jJoDSWueyjxeUM4OljtxRh6zP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4RDgtMTgtSFQ4Nw==&google_push=AYg5qPJ_VRMcTibTBns8a_jZR7m0XcGuz9hnBizd5CiPD_1x26jJoDSWueyjxeUM4OljtxRh6zPUoPe8VfYCRyYxW0oUiNC__S10

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4RDgtMTgtSFQ4Nw==&google_push=AYg5qPJ_VRMcTibTBns8a_jZR7m0XcGuz9hnBizd5CiPD_1x26jJoDSWueyjxeUM4OljtxRh6zPUoPe8VfYCRyYxW0oUiNC__S10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4RDgtMTgtSFQ4Nw==&google_push=AYg5qPJ_VRMcTibTBns8a_jZR7m0XcGuz9hnBizd5CiPD_1x26jJoDSWueyjxeUM4OljtxRh6zPUoPe8VfYCRyYxW0oUiNC__S10
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB4
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUw...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUw...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAn...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHKuSuOCykY3zjW3o8Kq8RY&google_cver=1&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAn...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODY2MDQzYS0zNTliLTExZWMtYjQyZC0wMmRlODlhZTk1M2M%3D&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkX...

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODY2MDQzYS0zNTliLTExZWMtYjQyZC0wMmRlODlhZTk1M2M%3D&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkXz8nemngvbx93OO6QH8E7LniFIMI3qfjAkb1g

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyODY2MDQzYS0zNTliLTExZWMtYjQyZC0wMmRlODlhZTk1M2M%3D&google_push=AYg5qPLa_-dOOX39IM6LO6Y4P79tpjQRjwtqHCkGjl7iAv0JyAsUAnUwps9gEx9MkXz8nemngvbx93OO6QH8E7LniFIMI3qfjAkb1g
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7FB4 0
12 B 46ms
45ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1nqcoV0gzsHug9TaDJVZEjZaqKk2dQKId6Yvm8EpwIja5SEY1QSXx34H6yCqGrgHGd0t0-w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 166D 22 KB
8 KB 31ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 269857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame F840
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

101ms
74ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2576417505574&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1335a131808610b3854d90ea7b645a923f51851feb7aa6afff00f398ea8b34e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25452000104720100710612011758003
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1310
Expires: Mon, 25 Oct 2021 14:55:05 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2576417505574&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 25 Oct 2021 14:55:05 +0200

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 9D32
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

111ms
83ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4881943296791&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 1b4a33ebd2999521878ee99d4b3a18cead237ee9c661a31b0e26ce091b536dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 99822300098877200710612011758012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1317
Expires: Mon, 25 Oct 2021 14:55:05 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4881943296791&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 25 Oct 2021 14:55:05 +0200

GET
H/1.1

200
OK

request.php Show response
hal900016.redintelligence.net/ Frame AC46
Redirect Chain

https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

104ms
77ms

Script
application/x-javascript

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=9521141115190&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 97f959798bebcee131074d0992a0e328610d03b24e4039bae89f1e5c4cd57ad2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 43215700121998400710616011758016
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1316
Expires: Mon, 25 Oct 2021 14:55:05 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=9521141115190&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 25 Oct 2021 14:55:05 +0200

GET
H/1.1

200
OK

request.php Show response
hal900018.redintelligence.net/ Frame 36B3
Redirect Chain

https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

99ms
71ms

Script
application/x-javascript

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2684459822006&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 8f6ab91beac606a8c0dc62edd5ab7a39d7c8a573bc03d7b8d801b054b1d8f1ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 39570700125856400710612011758018
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1312
Expires: Mon, 25 Oct 2021 14:55:05 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2684459822006&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 25 Oct 2021 14:55:05 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3749 22 KB
8 KB 33ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 269857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 98F0 148 KB
57 KB 44ms
7ms Script
text/javascript 23.218.208.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.133 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e5b69da40b0a2ea196d225b715d78a9b5e87fbbb20ee75902cda02ac2537d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 13:02:38 GMT
Server: nginx
ETag: "\W00000582821634562158776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58282
Expires: Mon, 25 Oct 2021 14:25:05 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/ Frame 6D04 6 KB
2 KB 49ms
21ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

f89afa533ee24b3e3e335bc5c0660e1c89d95e0fa11beca8da9fc8862a221ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1913
date: Mon, 25 Oct 2021 11:55:30 GMT
expires: Tue, 26 Oct 2021 11:55:30 GMT
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 7175
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 98F0 0
542 B 149ms
94ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUTZAMrla_yY7dCvo_Ak8FY8uk-0er_PvYqp7xBTaEiBDCnkt7L86kQpKJ94csqnj6ICaVvLyJtY8PsvKQPLXitTK-zvg1z4n5C7tXRvPhMvXO4D9BaDyIVTH7u-2gL-CFhsDPnPb0TEBxkjRo-LKhezdbQD12vxNk56bANWODhE6d8jM9nggvyV-eX9A-G4Qrzez40dNHPYq5aSUs5w1p0_yLFYast0B71lqdw58AFag9uD97sx9I3xG9hnZ6ash-ovfXmxaBuS7EkGw-UaH24qWCR6ZsQ8c1dFn_UmmaboOWDXxxfjh-lbPmr18Bs4BTw9K9ol62mwmJ-j-PAWlMYaVVo_WWFPT4QVWUF1ul-u4U27Tdosxx9G2zOYfKit65B08VI_eGA3TQapeETMVE31O53KCLcW8MSSlzzZYh2ES1BD4K6Dv6CUQ4cVeOA-0HkFIKLjLd4_skQKyCp0k5ee2pyFMjGzwHNKygFHEYz3aa4PaVbqkEJCSAo4xik9I8bf0PSbGUiEUkeP9HMr9z6zPesKIuX0R9vHnmOu8egpv2TLwpVtA4p5ycp5dDOilldwGTV9Lhh6VcHxGYXKyN--mHL5Yk2NjFAkQmmk71QttxgJEio99Fq38b4hf6_aC2_lXFvkUf8aYKyUMZRfSwFCUhFMXUReYyZfkKxBksWoefvN-Bf-9zll403C65513GtNuOUgQ_0QvTS1I9zWhJ5wfEEcltBdbV3xX6fvEdb_-BFbNMBBD_sMv9EXK33FzzITGD6B-ZCIpGOmAakzOJpy5wLhkwUSId7bJAPfdC2pXIeAr6Jx9sMxvlTbxDpFsEQERor79v_zORuDXDbr3fr1ychmu9gDo7B70wArmxLRdBfX7FEUaH2Y2tnf5et-NwnIqzgsX2VEySLzEyP64zVepN3MZyV8u7jBYoDniP0dsSeEj9_aeYyvfoIO3bga4JpXWOUOFsKc9ojB7Jf40IRKMPmMQwmzoyGjKePHJnRGB0JsyKPqn0kg8CdBD-FedVCabvp0ALj8yY49ZzxjRqOwqQmKyUUyRXNj1OK0J4wiyR-y9VmZjdHSB1dcov9tchpn_gLyXlyLlM7OSxI2s1Lb9WM0HuMr3k425bzt2N3sWI26iwO_w&sai=AMfl-YQWoFZ_29TxTtPXYjmyTnzSk4aRbiPXhRmTrRi1ZZ_YkZ4KlfxlekbsWeCdV8j5Ukq-OmGboYKX9ZuOk0L3g8THezI-rMlR-Ekd-fHokolT-MsBlPFA16KpTazI5RUrfSpFpfq-eroWsvCWgiYdyNaSqhdGAw&sig=Cg0ArKJSzEjW9zshZ55xEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&cbvp=1&cstd=216&cisv=r20211020.93676&adurl=

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 25 Oct 2021 13:55:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 98F0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0917641fede821c01b43369a34cc10f397560a62ecfd9f2795dd77bd452144c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F5E1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93c484130f46a3df71956d4e2a4c208906c2c972a230308dc5383ca9c71efdfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F5E1 15 KB
16 KB 94ms
39ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 332328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F5E1 15 KB
16 KB 74ms
20ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 592048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 1E2E 2 KB
2 KB 23ms
23ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 02:31:27 GMT
x-content-type-options: nosniff
server: cafe
age: 41018
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Tue, 26 Oct 2021 02:31:27 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8727888658119169474/ Frame 1E2E 2 KB
2 KB 26ms
26ms Image
image/png 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8727888658119169474/downsize_200k_v1?w=100&h=100

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

114cf7dd2c611158d7fd26aa9b40f38300ea41b9acef9f4ce30edd1d6caffc86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 05:08:30 GMT
x-content-type-options: nosniff
age: 290795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1814
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 16:42:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 05:08:30 GMT

GET
DATA 200
OK truncated
/ Frame 1E2E 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 1E2E 0
298 B 1158ms
387ms Ping
image/gif 142.250.182.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~kv6q28jx&c=925233718677&slotId=462616859338.5&qqid=CKqRi6rb5fMCFRzyuwgdCfcD_w&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7c61941065aa73d25f345fbf993b039.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.182.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa05s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15449582028289737455/ Frame 1E2E 175 KB
175 KB 35ms
34ms Image
image/jpeg 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15449582028289737455/downsize_200k_v1

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

cf30a3f2905237af45d616d88af2bcea7390308953dd26e989245ba30a7e8a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:01:39 GMT
x-content-type-options: nosniff
age: 431606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 178894
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 12:35:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Oct 2022 14:01:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1E2E 0
0 65ms
65ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1eAnObd2YeqQBZzk7_UPie6P-A-ys7f5ZLm73fCKDtzZHhABIOPgvCNgleKQgqAHoAHAlM6EA8gBCakCnD8rD2iAsz7gAgCoAwHIAwiqBOgBT9BBF1Fjlw5x0PZ0sGfTPiCZZxbZsvWrJNi3iAW8DclWgaZSZzby6f9oXSQclPzAuRJBacwTit-qONA697UJzutWqXxeRRw2bInofzNotULtIC0rFWUqn3-4KsxBJjdii3EFryQLa70_kViMmZ9VjI0PmuNNfDezlmptU-2kZ8ZlVdlIC4Gts-Y34UZljcX7juClC8AfXbCamOK1rXDOkREtZYWGclx7UHqbqtYHoY3VuK_EsFaAbWXG81ekxGBtyED0zC4W4Ycix0iYfSeS2r-qKGPpHBSqk6wnROzkOQ4f5OGwtpdc_MAExP6Ct9gD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB633_2yoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEMe0EtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTMyNTE3NzkzMjU5OTc1MIAKA8gLAbgTnBvYEw3QFQGAFwGyFx4KHAgAEhRwdWItMzM3OTk2OTExNjk1MDE5ORiLuhI&sigh=CtEPEJedegE&uach_m=[UACH]&template_id=3484
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A3B3 1 KB
749 B 30ms
30ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17768
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADF5 6 KB
3 KB 20ms
20ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 25 Oct 2021 13:55:04 GMT
expires: Tue, 25 Oct 2022 13:55:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 1E2E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 886b7edf89b22581e79b6e2c2d0e95069da477dc83793a4d82d129dec18489ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET /
google2waycm.netmng.com/cm/ Frame E71E 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E71E 0
104 B 120ms
26ms Image
text/plain 64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJmnno4ucqsDuEOkIIxGhUc&google_cver=1&google_push=AYg5qPKRdGQBPFa4ayCsWetMqk66WTYpDMLZw1lB5SUXAxh8F90gNfI8pvOTWusIT8txwoNvHACIG90CO8ALbOUQAvjthjtRgkQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E71E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENKKG-gTxKwM3gj_EXvIJKM&google_cver=1&google_push=AYg5qPJUo0Ji9TbyFb4PWdd67J35vgz6NmIuq4qdS6PwPlbueHfR0ZUWVPpe7SNJ9Dnuoy_ZwHLMUUvZYSF8SlAX2u5Vjdh...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJUo0Ji9TbyFb4PWdd67J35vgz6NmIuq4qdS6PwPlbueHfR0ZUWVPpe7SNJ9Dnuoy_ZwHLMUUvZYSF8SlAX2u5Vjdh1hJDR&google_hm=MjMxNTEyNjc2ODE0NjM2ND...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJUo0Ji9TbyFb4PWdd67J35vgz6NmIuq4qdS6PwPlbueHfR0ZUWVPpe7SNJ9Dnuoy_ZwHLMUUvZYSF8SlAX2u5Vjdh1hJDR&google_hm=MjMxNTEyNjc2ODE0NjM2NDEzNQ%3D%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Oct 2021 13:55:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJUo0Ji9TbyFb4PWdd67J35vgz6NmIuq4qdS6PwPlbueHfR0ZUWVPpe7SNJ9Dnuoy_ZwHLMUUvZYSF8SlAX2u5Vjdh1hJDR&google_hm=MjMxNTEyNjc2ODE0NjM2NDEzNQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E71E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMscPp4IJpey82yFNfSO--g&google_cver=1&google_push=AYg5qPI5dy561iv01hgmDmjpmaJBr2ThI_O9abrOMaGSvWeaepOw6BxVO3998ZddU3LQMq29Qx4...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4TVAtMjUtNTFMTQ==&google_push=AYg5qPI5dy561iv01hgmDmjpmaJBr2ThI_O9abrOMaGSvWeaepOw6BxVO3998ZddU3LQMq29Qx42JgZLweATF7OZqEifeNb9oPs7

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4TVAtMjUtNTFMTQ==&google_push=AYg5qPI5dy561iv01hgmDmjpmaJBr2ThI_O9abrOMaGSvWeaepOw6BxVO3998ZddU3LQMq29Qx42JgZLweATF7OZqEifeNb9oPs7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI4TVAtMjUtNTFMTQ==&google_push=AYg5qPI5dy561iv01hgmDmjpmaJBr2ThI_O9abrOMaGSvWeaepOw6BxVO3998ZddU3LQMq29Qx42JgZLweATF7OZqEifeNb9oPs7
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET pixelmatch
ap.lijit.com/dsp/google/ Frame E71E 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E71E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIgQYPqhtJ2XzyHceb9gZlM&google_cver=1&google_push=AYg5qPKsHWHG7uAHpyX7kCnPLUdTVte5-NZ7UtfE8MlJog-9xABCWg9HDJ2x2vlPYTMIOCaNeNljYMazJAQYcmYO...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKsHWHG7uAHpyX7kCnPLUdTVte5-NZ7UtfE8MlJog-9xABCWg9HDJ2x2vlPYTMIOCaNeNljYMazJAQYcmYOT1L4U9T5RSLi

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKsHWHG7uAHpyX7kCnPLUdTVte5-NZ7UtfE8MlJog-9xABCWg9HDJ2x2vlPYTMIOCaNeNljYMazJAQYcmYOT1L4U9T5RSLi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Oct 2021 13:55:05 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKsHWHG7uAHpyX7kCnPLUdTVte5-NZ7UtfE8MlJog-9xABCWg9HDJ2x2vlPYTMIOCaNeNljYMazJAQYcmYOT1L4U9T5RSLi
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: tW_QBHobtZUO8PBee0EwP8fPTV8ELO-TQm4gQpSpMAxh94IoLT3iTg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E71E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMwg6nGfvx9gIe6y60IRd0I&google_cver=1&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVKJN6DmSaebsoVWK3nK-tLveqtOlVBAFTAQ24KfApJ
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVKJN6DmSaebsoVWK3nK-tLveqtOlVBAFTAQ24KfApJ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVK...

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVKJN6DmSaebsoVWK3nK-tLveqtOlVBAFTAQ24KfApJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPJNaiEkCFX9HTzmpazbwLPxZeMJdeWelLT2ffjlTkFbi_D4R48enMVKJN6DmSaebsoVWK3nK-tLveqtOlVBAFTAQ24KfApJ
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E71E 0
12 B 34ms
33ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSA507AYMhxOjQLC0kckdRrG9s4SfZ0QYemAET4YwPlxdaYauNGcpHMHPbB6IgacWHEQAM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

206

videoplayback
r3---sn-2gb7sn7r.gvt1.com/ Frame 1E2E
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=3a4611cfedc90288&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1635177305&sparams=ip,ipbits,expire,id,...
https://r3---sn-2gb7sn7r.gvt1.com/videoplayback?id=3a4611cfedc90288&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1635177305&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

949 KB
949 KB

124ms
74ms

Media
video/mp4

172.217.130.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-2gb7sn7r.gvt1.com/videoplayback?id=3a4611cfedc90288&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1635177305&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4D2E11CB22072C8AED02A4E546868049C9074E72.569B18F3D518E7E4C8D931F103F0D50A503949D8&key=cms1&cms_redirect=yes&mh=_F&mip=216.131.111.46&mm=28&mn=sn-2gb7sn7r&ms=nvh&mt=1635169695&mv=m&mvi=3&pl=24

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.130.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

2a3c940fad4f724e79d163afc58b020dce161d292362dba2765589ba888155aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Sep 2021 14:05:53 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-972080/972081
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 972081
expires: Mon, 25 Oct 2021 13:55:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:05 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-2gb7sn7r.gvt1.com/videoplayback?id=3a4611cfedc90288&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1635177305&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4D2E11CB22072C8AED02A4E546868049C9074E72.569B18F3D518E7E4C8D931F103F0D50A503949D8&key=cms1&cms_redirect=yes&mh=_F&mip=216.131.111.46&mm=28&mn=sn-2gb7sn7r&ms=nvh&mt=1635169695&mv=m&mvi=3&pl=24
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 701
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6795 11 KB
8 KB 68ms
35ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1302e636d9d946765073b11621c8eccc0cc602111ea1ead858092561db373cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8444
x-xss-protection: 0

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame C87B
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=39570700125856400710612011758018&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39570700125856400710612011758018&actionid=731824&produktid=businessgiro&dt_url=

0
630 B

80ms
36ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39570700125856400710612011758018&actionid=731824&produktid=businessgiro&dt_url=

Requested by

Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2684459822006&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39570700125856400710612011758018&actionid=731824&produktid=businessgiro&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 25 Oct 2021 03:55:05 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=4q5v20s45j3m1hxxny2qjeh3; path=/; secure; HttpOnly; SameSite=None DTU=8C9BB5E5682A2BE7141FD4EE79BC7B95; expires=Wed, 25-Oct-2023 13:55:05 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 25 Oct 2021 13:55:04 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Set-Cookie: trscj=MTYzNTE3MDEwNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRNNU5UY3dOekF3TVRJMU9EVTJOREF3TnpFd05qRXlNREV4TnpVNE1ERTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2; expires=Tue, 25-Oct-2022 13:55:06 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YXa3P|YXa3P; path=/; HttpOnly
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39570700125856400710612011758018&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: D8836F2E:D686_91EFC182:01BB_6176B739_EEF4FB:2A265
X-IPLB-Instance: 40028
Cache-control: private

GET
H2 200 / Show response
adv.office-partner.de/ Frame B0E5 930 B
1 KB 46ms
6ms Document
text/html 185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2684459822006&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method: GET
:authority: adv.office-partner.de
:scheme: https
:path: /?utm_source=webgains&utm_campaign=webgains
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

server: keycdn-engine
date: Mon, 25 Oct 2021 13:55:05 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Mon, 01 Nov 2021 13:55:05 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 36B3 1 KB
2 KB 244ms
109ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=39570700125856400710612011758018&nw=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: f211920e487e13d5da9be008dda9ff4ef8ffbb3938e005ed9549b9785927c9e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1231
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415 Show response
5994599.fls.doubleclick.net/ Frame 0AA0
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415?

391 B
345 B

69ms
42ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415?

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

0d98c44f6845fcd2348bbc75bb82480694221164e1fb07e9df14d5412a12bb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
expires: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php Show response
hal900018.redintelligence.net/ Frame 6F73 7 KB
2 KB 39ms
11ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=b3a2877a76&subid=&uid=1f9a2a6e7aafb027&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_BWDOLd2Yd2YM9DL7_UPq5yiuAe1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTgAU_QbzkrWN8C2nNKuE12O5tGIiG1PbqSwZPAQJO6-nTFLmnKltn71Fnd_WqHLxndyzavEBcsDcfvbYM4NG9tT8QW3s6uFQbturIbt6PpDFPUqGoDmSblhfUNh_2Flu5-MjQeI_Tmr5yGjYzyafMDruff8gYCub1ojOBty86s63C3ls0CHMEMsX8UljNFIMT9G63VBjTAtOlxfHhsxgiyWXGmXpMccWM1zbC0x4rFi520nIuD_5dTaVhaBHILvKRdYvhafMrruSxI5oIxeJU4pTz7dXqxDXbjW2OkTq1jPK-WwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRozINt6T4nBMVO3GxR6WAOiQ%26sig%3DAOD64_0ViFqnoD4_xhyDTCTNcMFsikaa6g%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-AuCMMUnACiPdsTaE-hbT6r4dPgkkm0HncQCSsWWvxGQzuSWLqaP-s-DKDgMsCjqsC34koUMLMzaJrAjBNn7Z0jBQpPSE2s2WG6vc3akGTny0CI64Vw3LIYnmv9FQ1e0npAkUjc7zq5yK38EM7S0Kco3uU43A%26cry%3D1%26dbm_d%3DAKAmf-AplHAcVmSBXOo0QoKzAg-VB_yRsO8I42WDslQ2ly8Z5z_QwOhQvHMuKS-ySKjHqh13rYS7ptmD1jHF8UhXo0sSRWQ2NaYz7nWrOnEtmjMDpeqCpvB8rD6IsWCUXse3PN1VWrszjHIi-Gl5T1ASD9jJmkgISgtzwjBmrWXBE0rsWWs6iQAyKG5F5hkjUgnWg58eNlIhWOH8e7zVu4biv8jIRsn6i9hUQ7y5gTB-xbQSLiVxF3LEqGgGSSvk3uRRE7uE0FIio7XyF1ZVPYdumCRY6ymnWoSecnWkJjaZIRXiw9O_LnacusyrRW6hcn6ml7mo1IJVp_Tx1M7iUwzDTs07Q2m_rY9MSmnQsWyJkCrb2HcQlfqxb4gtcCwmxmV4wrc9ynsLl3h7o4qM-eU5tfo-D0YgQ4y2ZJLBP5kMxV-jlRFafWuS8zsC4674oWvu1vcKh1k8%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2684459822006&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: c0d027354b59c47e066b7d49c1b0abd4618599e7b2c33e208cac2c3c528e657a

Request headers

Host: hal900018.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=6583466b724842be
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 25 Oct 2021 13:55:05 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 25 Oct 2021 14:55:05 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2065
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 36B3
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=39570700125856400710612011758018
https://ad-server.eu/wm/pb/native.png

68 B
312 B

166ms
30ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:59:01 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: D8836F2E:D690_91EFC182:01BB_6176B739_EECD7F:627C
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 36B3 43 B
705 B 77ms
39ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601050&v=18332&q=376776&r=296283&pref1=39570700125856400710612011758018&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8676 1 KB
749 B 26ms
25ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17768
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 36B3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7e6bfb9e5de0cfec6acfb9ef0a1fdb7e545eb87f0f081c73f5eb3b298dba7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 4004
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25452000104720100710612011758003&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25452000104720100710612011758003&actionid=879111&produktid=ratenkredit&dt_url=

0
225 B

33ms
32ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25452000104720100710612011758003&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2576417505574&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25452000104720100710612011758003&actionid=879111&produktid=ratenkredit&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 25 Oct 2021 03:55:05 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=kmgskvp1dtsaqjc1zxpzs1eh; path=/; secure; HttpOnly; SameSite=None DTU=BE7DC6B3F6D7017ED82DF83ADA67B861; expires=Wed, 25-Oct-2023 13:55:05 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 25 Oct 2021 13:55:06 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.21
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Set-Cookie: trscj=MTYzNTE3MDEwNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRJMU5EVXlNREF3TVRBME56SXdNVEF3TnpFd05qRXlNREV4TnpVNE1EQXpKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2; expires=Tue, 25-Oct-2022 13:55:06 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=1|YXa3P|YXa3P; path=/; HttpOnly
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25452000104720100710612011758003&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: D8836F2E:D684_91EFC182:01BB_6176B739_EEDE0B:2A263
X-IPLB-Instance: 40028
Cache-control: private

GET
H2 200 / Show response
adv.office-partner.de/ Frame CE91 930 B
1 KB 16ms
6ms Document
text/html 185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2576417505574&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method: GET
:authority: adv.office-partner.de
:scheme: https
:path: /?utm_source=webgains&utm_campaign=webgains
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

server: keycdn-engine
date: Mon, 25 Oct 2021 13:55:05 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Mon, 01 Nov 2021 13:55:05 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame F840 1 KB
2 KB 219ms
103ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=25452000104720100710612011758003&nw=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 7fda9e8ed98149567e88c13fd4bec7d66b115f78824a68db296a818c9e1acb95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1233
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136 Show response
5994599.fls.doubleclick.net/ Frame 7CA2
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136?

392 B
347 B

72ms
46ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136?

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

fbc515b629dbcf59fbbe5d5a19016e5bce25803005c3c4d2d5ba09ae52656c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
expires: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame F846 7 KB
2 KB 35ms
12ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=5eb8a5ea66&subid=&uid=36e1bdfdcd1f8b0e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuD-eOLd2YY3BNIGx7_UP5JaByAm1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpAtDweVQqi7M-qAMBqgTCAU_QHbpZMOB2I9GQNPFLfKvF9fyxNr__sl_MGi8iWNcida88tGYNB3ifvRAYF20Bmhhxdqvm8WeXV4EMe8jX0OUob_OYOhl03CIYqBFPlmGVCx7ZwOS5_OooVvY6JO7VpQlfOZBbucF1STiD2_CNG8r5GKLkltIEBTD88KzRqHs32CyChIvtTpnBzLJzUDlbJk4OYCfRQqLtIsePNNyCmI7lbKgWUYkl-dyHoKadxC48lHEZTKCF2k62w_kV_QAQ4nOVwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopxkbI6x4dTX9AoRNr59Rtg%26sig%3DAOD64_0FHuoOQPHq0HSvnLMLmRphgr1WPQ%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-DDoDWmLLfp2CupxbgqPZEKDl3D-dp0cwAaG4MsGofG7Ypws_9kmutCcqwXka3JTcY8cQ8e6uA-ryjj2668LnYJvTHZJTMaFZDNv4U5VKwq-MaR87YKg6l50qQ-tKLf3-WhFivhsWWcZ3EzT2PHjdYrnvDjAg%26cry%3D1%26dbm_d%3DAKAmf-BOCfY9Dvr_cKd99d2ENG81-r4DeV6KZIgAw48D24J-MdtFll81_AGkJM5k9Ao7JehmXVz0yq9kXIVm4eG9Ue-hSQBLNpZvth-ggdmWWVQqwfMM5Dbf45zjelcbMLMjEckIhpt8um3NmpsqzlVQQ_TFLdqEBgVRXpoP3WL28c9h8uuYHJkmYglo4ZpKczusiXLWeo7wJG-4BA96_mDhpOHRMusfsO3u_Okob6ESClijYRG67-0fLZ202toUWG31t6JXfx5h9tfP2ZFYtn3TtnJ9I5kA7KAVGI551CM00tuqjqMcNUgsK07jJmt8ApjumaupC_vSK2x1ZE_w1LIZgCU0JlBcq92BpwdpjHewf3N9VQ3MbwewiNN6Ycf5RBgFXLpoqNq407JkRuyYQ63ZV_UI1OBKK4yek4Upz5k5xaGhfs73Hw9Of01k_Tj1VZWw91Lxewm9%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=2576417505574&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 889ae4d4cf96fae8627be413fee26d3a4432e1055194002e443d7116067b11a7

Request headers

Host: hal90003.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=6583466b724842be
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 25 Oct 2021 14:55:06 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2064
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame F840
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25452000104720100710612011758003
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25452000104720100710612011758003
https://ad-server.eu/wm/pb/native.png

68 B
312 B

106ms
30ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:59:01 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: D8836F2E:D684_91EFC182:01BB_6176B73A_EEDE18:2A263
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F840 43 B
705 B 55ms
39ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601051&v=18332&q=376776&r=296283&pref1=25452000104720100710612011758003&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 487F 1 KB
749 B 23ms
23ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17768
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame F840 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d107f6d68bde32443f37acac01340dae9b6b3fa25a659e8a9c7b14ba59100c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 3A95
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=43215700121998400710616011758016&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43215700121998400710616011758016&actionid=879111&produktid=ratenkredit&dt_url=

0
202 B

65ms
38ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43215700121998400710616011758016&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=9521141115190&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43215700121998400710616011758016&actionid=879111&produktid=ratenkredit&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 25 Oct 2021 03:55:05 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=n33321gscbsvkblv5n45nswk; path=/; secure; HttpOnly; SameSite=None DTU=072A833D0DBEAC872EF9BD8DBFF81BEC; expires=Wed, 25-Oct-2023 13:55:05 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 25 Oct 2021 13:55:04 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Set-Cookie: trscj=MTYzNTE3MDEwNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRRek1qRTFOekF3TVRJeE9UazROREF3TnpFd05qRTJNREV4TnpVNE1ERTJKblE5YUhSc2NBPT18YUhSMGNITTZMeTgwWmpNd01XSTVNRFkyWVdabVpUQmtORGc0TkRKbU1tVXpPRGN4T1Rjd09DNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D; expires=Tue, 25-Oct-2022 13:55:06 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YXa3P|YXa3P; path=/; HttpOnly
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43215700121998400710616011758016&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: D8836F2E:D686_91EFC182:01BB_6176B73A_EEF4FE:2A265
X-IPLB-Instance: 40028
Cache-control: private

GET
H2 200 / Show response
adv.office-partner.de/ Frame 5388 930 B
1 KB 6ms
6ms Document
text/html 185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=9521141115190&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method: GET
:authority: adv.office-partner.de
:scheme: https
:path: /?utm_source=webgains&utm_campaign=webgains
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Mon, 25 Oct 2021 13:55:06 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Mon, 01 Nov 2021 13:55:06 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame AC46 1 KB
2 KB 226ms
112ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=43215700121998400710616011758016&nw=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: eca7a48aa1a6739bb52bed5ce61569defc7046fb423f13c59c4c08f3fc88801a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1231
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464 Show response
5994599.fls.doubleclick.net/ Frame 0A4C
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464?

392 B
347 B

61ms
41ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464?

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

3facdebcccdb01a64e545213d5631c9151d741e5912a0f8fc3a4976766eb78b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
expires: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame 2082 7 KB
2 KB 34ms
12ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d043aed329&subid=&uid=4db7c0635cdb2ae1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzRB9OLd2YeX5LPWW9u8Pmfy5sAq1zfmDV8zeuavlDPAuEAEg4-C8I2CV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTrAU_QxZz_sM_6YcHBnDDdp4ZA4KM9V6_Ekl9L46QXFvVtQFLqMj-wtixpCse6eOMSgxbK41NxNXkOszWBUemGNwG-3AoxvGhLBrlU-7mJvP_M4T_W2ssGeBoJBjoek67QxugTubJB6UXgsar5IcoCOUH99XOvII8rwbdtuK0hl791hAJiV31DcaOUxM7U06VzvxjGE2ZMzn3XtezEM_cJXCxLBw3xPC8DhTzLFS4_ovr5Cj3u8dpqm_Xz-w67LtwJrV4C7uvyBrJFRZvsJyri8tx8ULfOtdHvsqAYAM-dzmMfnX1aDOWgDNJQ0NDABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRol5xsMlLSyWocsGx4IMpz1Q%26sig%3DAOD64_2IRJ-6PyZeQHbFVeRTCwvzKrTQ-A%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-C9GazuOISHa5bstkd0Dbd_4fowuNDcoUbyhtbiUyIOrNBS0JC4GsRldttWRmq1_fKl1YjFmJJbudKxUzawMgX0_b508IvcmFm5wH5Qg09eQVPnlB-WhpPJad0GMa7PFD8p5LUrrqpH9BpDgcmQXCNyMd9ytQ%26cry%3D1%26dbm_d%3DAKAmf-DOBknTlqIZJdvLHGDjjS8aGtDp3fzW69Gd8mePjD1OXrVLLz_Kc3qDmHa0m1YOoVgsnpxH40CjqAvAPkJP7Gr8hyIuzxMsLUmiGFxgX88YzFQtTt3L6XYrh64D2zdDOpchPu9ZWzijCHuw8q0W2CKdMU59rywKMXQo_IOIHezr9TDGPWNjfnvvFSsUWpUCnwhuSqKQCb5N0dazza8Uc9ohBpJWQOF_WY2aymMQQfc1cwIV16ynrnMVWrIW38yEDP5Fi6mDCKDtUlC_wQYTPAjf9gWwzMFAHULOg8wP7H88GX_UYPE8m2eR2uwoAqi7HpNh7bP3Tu2w1YMy7lAYGcGPXFXK80UviJTHLTLK3Egq3rxFcxAQBAxBJQMhJ2Fceo6xiQ7h82n_uWEY3BqzsoioYBTqldml4XSDOYNhTjSeTu1SZitJ6SomS3hqRbNKuG25_5nP%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=9521141115190&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 912f534fa5d7642fca813789c7b622c88caa79a786846944a18caf5630821999

Request headers

Host: hal900016.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=6583466b724842be
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 25 Oct 2021 14:55:06 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2037
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame AC46
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43215700121998400710616011758016
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43215700121998400710616011758016
https://ad-server.eu/wm/pb/native.png

68 B
312 B

90ms
30ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:59:01 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: D8836F2E:D686_91EFC182:01BB_6176B73A_EEF50A:2A265
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AC46 43 B
705 B 69ms
55ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601051&v=18332&q=376776&r=296283&pref1=43215700121998400710616011758016&pv=1

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FE24 1 KB
749 B 24ms
23ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17769
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame AC46 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cc5aa2d50cf4c77b5347dbab022abc3ccd389a8c53db4550c2aaa963d1d8fee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame E9BD
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=99822300098877200710612011758012&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99822300098877200710612011758012&actionid=879111&produktid=ratenkredit&dt_url=

0
201 B

36ms
36ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99822300098877200710612011758012&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4881943296791&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99822300098877200710612011758012&actionid=879111&produktid=ratenkredit&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 25 Oct 2021 03:55:05 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=nwihgh2yhlkqrh3422nbxexh; path=/; secure; HttpOnly; SameSite=None DTU=FF067DDBEB8FAC7C113712A8D14FB792; expires=Wed, 25-Oct-2023 13:55:05 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 25 Oct 2021 13:55:04 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Set-Cookie: trscj=MTYzNTE3MDEwNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRrNU9ESXlNekF3TURrNE9EYzNNakF3TnpFd05qRXlNREV4TnpVNE1ERXlKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2; expires=Tue, 25-Oct-2022 13:55:06 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YXa3P|YXa3P; path=/; HttpOnly
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99822300098877200710612011758012&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: D8836F2E:D686_91EFC182:01BB_6176B73A_EEF501:2A265
X-IPLB-Instance: 40028
Cache-control: private

GET
H2 200 / Show response
adv.office-partner.de/ Frame 8FEB 930 B
1 KB 6ms
6ms Document
text/html 185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4881943296791&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method: GET
:authority: adv.office-partner.de
:scheme: https
:path: /?utm_source=webgains&utm_campaign=webgains
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

server: keycdn-engine
date: Mon, 25 Oct 2021 13:55:06 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Mon, 01 Nov 2021 13:55:06 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 9D32 1 KB
2 KB 220ms
106ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=99822300098877200710612011758012&nw=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 9f9fdc45160ea2d2404d46ef98b6fc9c528d71d907143bff176c66e73154f813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1231
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38 Show response
5994599.fls.doubleclick.net/ Frame 4A14
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38?

390 B
346 B

40ms
40ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38?

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

780e72761423d556f8e78a547760322013d7d8fabb55eece58b73b558dedbfb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
expires: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Oct 2021 13:55:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 5CE9 7 KB
2 KB 36ms
12ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=8f4079988b&subid=&uid=c569bb6df746c5f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPkCUOLd2Yen1NZzS7_UPi4y6wAq1zfmDV_zYuavlDPAuEAEgs_ucKmCV4pCCoAfIAQmpApw_Kw9ogLM-qAMBqgTCAU_Q-XWR4SWipV9fh4JHEMhzVBWGGJVBO-Pgl8-Him-hYrFh7i6wxzPRfixaVKJYLHqgrUGWB-Iy8N3wVB2ceWiPQnio1_PhXnB-DcTLHBdPgEu3GH4IVZpua_Khd9aV6_2sFoWwM-zZ_W--HRLuLXOHCSYIKzGHr83derCsotcVCfGk4SRmRi5Ui2E2IzRXWimCg1qgd8orUsUlWElZg8kF136hR8yIPXA9YGgFx7J6dFrSeN9AsEF_Bn3iENWPCu1DwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYXYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoSjYT4YUzqikNo94SJ0xR6w%26sig%3DAOD64_22H2HRjJhz_xBNia7upNvWYSB50Q%26client%3Dca-pub-3064647383031638%26dbm_c%3DAKAmf-C3_iaQao-gUsg9Z4pCI5CjeEuQISFdqAzqEKFij7Y60Z-IUYZMl78om65K6CtyqNl7qmVRzKA5wHYjFcySE4vvdU8b41Krd5gBCRdU1SwZKyOcjgOiNz2J2FqTxJJnfVHzewOpOjX1t6NSFu1W9tXQjiLtdg%26cry%3D1%26dbm_d%3DAKAmf-AHK03BCmG63d91dDrl7APcJc03kOWKjgjyf2ZK9QqOPThy7gG2RrRW-3IkRdq0dHzHhSPtDLfxP-bpc0WO-hXL1GGXVFyzBgTOha1wijlyXMZ3zETMuocunrJo6Rktd6wO3NzfU-BY4MsD2wERY8cqUpMDjvWAa1wxH4x31Plt1LLmahmFngAuHGsDQ6NdSi1Rr6uaFVdCsqgUm-XzOzBCWAwDikHBWF9oZCr6HuapI9bZ9vV56biswWWZKRf9MyQr65IBGkr5930v-vdxLFvtF4ufvf-8HwyiivbcqO_bxaqDQaKxaf79GiEqjR1VPOwAg2kN4fNo0tWfYXObmVnc6enCB4WsMq8tklnNf_eS0PJbzkXd4RJJmUA51ES9rMq7aL3_un28YOcZbUHZES_7fKoJonx2bibtWa2yOjdesfCzEEY0_LwvjauYamyXHffbSFdA%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4881943296791&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 04479c721e1d7501f6c5f0481ef2913a628e71a6a5ad3cd8390fccd243427707

Request headers

Host: hal900012.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=6583466b724842be
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 25 Oct 2021 14:55:06 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2075
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 9D32
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99822300098877200710612011758012
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99822300098877200710612011758012
https://ad-server.eu/wm/pb/native.png

68 B
312 B

89ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:59:01 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: D8836F2E:D684_91EFC182:01BB_6176B73A_EEDE19:2A263
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9D32 43 B
705 B 37ms
32ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601049&v=18332&q=376776&r=296283&pref1=99822300098877200710612011758012&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B0EB 1 KB
749 B 29ms
25ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17769
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 9D32 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0940f61a649f38d8362b0f879eca6fbe1f4d6f28450c6c6d9ff3054ff60438c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8014 35 KB
13 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame A72A 35 KB
13 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame F712 35 KB
13 KB 26ms
25ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame 98F0 82 B
351 B 46ms
10ms Script
application/javascript 136.243.15.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.15.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h339.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 25 Oct 2021 13:55:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame 98F0 0
208 B 46ms
11ms Script
application/octet-stream 78.47.15.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.47.15.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h549.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b190.s79.research.de.com/bb-mx/ Frame 98F0 43 B
291 B 47ms
12ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/bb-mx/submit?/lJAMBmAAA/whFuMo0F0wFz6BvvAnvFvnFslFhkFzuBnuBkvF1iFslFjsFpjFruBulF0vBwhFnlFhkFvhEkzF/jEspFluF09BjhFtwE1iFtzAw2A02A03Az4AzwAzxA2zA4mAv1F0wF10F9oE0tFsmBo9B5wAmzEsvF0uFhtFl9B35AzyAx5Az5Az5AmhEkrF9yAz0A3xAy0A20A1mAhkFm9B0yA03A2xA05A1zAmwEp9B0uBthF+hFzuB35AzyAx5Az5Az5Am3E93Ay4AmsEt0F9xA2zA1xA3wAxwA0mA1yFs9Bo0F0wFlzABlByGElyAGkF5uFhtFvuBrpFl2Fu1EhlByGEmlEh9BwmAmsFhzFo9BwmA3nFs9BxmAk0F9xA2zA1xA3wAxwA0zA3wAmiEwwF9xA1mAikF09BxzAwmApkF09Bz5A5mAzoF29ByyBwyAxxAwyAwmAtqFz2F9tEywAyxAxwAx5AwxAwxAmwE00F91AmzEhsFkyF9zEhmBjvFyyFlsFh0FvyF9xAwwA2xAywA3zA40A4mAmyFt9ByzAmpEmlF91AmwE29BxmAnhFf2FpkF92A53AwyAy5A5wAuxA2zA1xA3wAxwAzmAnhFfzFpkF9xA2zA1xA3wAxwAzmAnhFfoFpkF9xA24A3wA5wA03AymAnhFfmFj9BxmAuoFk9BxmA1fF06F9wAm1EfoFpzF9yAm1EfoF9xAywAwmA1fF39Bx2AwwAm1EfhFo9BxyAwwAm1EfhF39Bx2AwwAm1EfjFk9By0AmhEk4F90Az2AmhEk5F9xA41AmiEp3F9xA2wAwmAipFo9BxyAwwAmpEz3F93Ay4AmpEzoF95AwmApmFr9B04Ay2A5zA5xA4mAzjFyfF49BwmAzjFyfF59BwmAlpFk9BzxAw2Ay5A01AlyADzBxwA2zAy1AylAyDE00A30A41A1yAmvEpkF9yAmwE2zFpkF9yAxyA53A04Az2Ay2A34A2yA0mAwlFt9B41A3mAlhFl9BymAmjF92A0wAmiEykFptF9wAlyADwBlyADwBlyADwBlyADxB2wAwlAyDEwlAyDEx2AwwAlyADxBywAwlAyDE3yA4lAyDE5wAm2EpzF9xAmyEz6F9lA3DEl3ADFFl3ADmBhiFs9BDTFmwEm4F9wAmmE19B0mAijF9yAzmApmFp9BxmA1jFp9BxuA61BznFujF62Bx4BoiFmmEziF9xAmkE0kF90AxyA1pyFo0F0wF6vAvkE5uFhtFvuBrpFl2Fu1EhvB+k2FmywAyxAtxAwtAx4AtxAz6AwyAtyAywA0zA0tAyuAxyAztAm4By3AkxBx0AKp6Fsp3Fx2Az1Ax3AwxAw0A34AzBEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FCTkzFsFAAAAAAYLaBaBAPAAAAAAAAAOAAAAGCAAAAAYLaBaBABRksFAQtjFpzviXA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:05 GMT

GET
H/1.1 200
OK data
b190.s79.research.de.com/ Frame 98F0 43 B
308 B 45ms
11ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/data?/lJAMCuAAA/2xF9CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5zAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF1uFruFv3FugBthF4fFluFnpFulFf5BzBELlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA22Aw4AwxAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAx1Ax1AzzA12AmjEpkF9xA14AzzAw4A20AmzEp6Fl9B3yA44E5wAmjEi9Bz5AxyA54A22A43ATkzF9PlAAAAAAAAB5dnAZGAAFAx8Ez8ExBEGAx2Ax2A13ArEiuAPAAAFAA5dnTEiuASksFwEbAAAAAAAAAAAAEAAA5dnAAAAAAAIAy2A2wA4wAxxAJAzxA1xA1zAz1A2BEHA15A1yA3zA5BEGA3yA44E5wAJAx1A4zAzwA42A0BEHA53A14Az2A2BEdAAAAAAYLAaBAFAAAEiuAAAaBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzyA31A20A25Ax1A2vA1tAJXFFtBChF5vFurBtMElhFklFyiFvhFykFt3Ay4A45BwtAChF5vFuvBpuFklF4uBo0FtsFCATCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFvqQ7TA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:05 GMT

GET
H/1.1 200
OK data
b190.s79.research.de.com/ Frame 98F0 43 B
308 B 46ms
11ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/data?/lJAMDvAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFFgVNSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:05 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame A271 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104353&bpp=15&bdt=124&idt=438&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1297452665&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31063230%2C31063139&oid=2&pvsid=2406490769796905&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.gsccghu6b0ek&fsb=1&dtd=452

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6795 17 KB
6 KB 262ms
261ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 166D 35 KB
13 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6D04 60 KB
24 KB 29ms
29ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/js/ Frame 6D04 2 KB
759 B 28ms
28ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

54980d0ce1ab462210a69cea7a8f61f66d7baf954c2fba0dc4030a6b6e7cb36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 733
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 06:25:57 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1E2E 21 KB
21 KB 54ms
24ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 315838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:11:08 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1E2E 21 KB
21 KB 43ms
25ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 313775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:45:31 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F359 499 B
334 B 32ms
32ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNX5spHZuar5iS27GizL578c4FXGrzmfpcE8ay5TtjWhNCjpVhUXNMHYlatJwCZF8o4FHgzp3hM66VmH9LtkofTh3Oh-zK-KJPtErGsNSlWzb4aPtq0m_j8a7c1pWlVFRjZPc9QZqrETMwkt2hZOeATTGUhwvDzy2_mcpZEAg2k4lblm3zY

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNX5spHZuar5iS27GizL578c4FXGrzmfpcE8ay5TtjWhNCjpVhUXNMHYlatJwCZF8o4FHgzp3hM66VmH9LtkofTh3Oh-zK-KJPtErGsNSlWzb4aPtq0m_j8a7c1pWlVFRjZPc9QZqrETMwkt2hZOeATTGUhwvDzy2_mcpZEAg2k4lblm3zY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 25 Oct 2021 13:55:06 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ADF5 72 KB
29 KB 57ms
57ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BquTwJhFvzO6BVAhBPbOA4qyvSFqexh4YfEVi52L7wTVb6Q1KazX_FZlcstpQu83aWoRqxVjPuL5_GtSMEKzJ2fEuwhNpkNJko2VIdCx-hLoUX3FYlKljqkrMztOCOloLatd-vdu8RkTk8-8ohFl52TnTQrQ&dbm_d=AKAmf-DyT4rTKi6l-Fall_6UdxoEpJLCvCv_n6KXyzmsx6xHZg5xG34IWZOCOMwqtAaVqh7ez2K-5wpyPLmAPUTw71mGmNizJaiLXVRPz3fP4OzH-w3kaykxSGXtOOxBpFEGW_8Frx6g6jsPMSVXffxfhwk8eH9GYifZM-8mt4qjOUFOLVUahXOPm17CZD9FFs57t6_fkj6DuHtlVzyc9Z2y1RlhX8j6qj6bre6zTZxhIH1lMyLs4KSBFWq7iBuVZZL1PnES3Yy9LoR0IR87VBQ-4CRZiIxcg5PS9Gk3jM6OvCezSF4IJIFLJB4jHJVGXEK7CYmAA9R-ntSAxkIo0c_ie8wymaqJW9umOSy7jt49Mr8bmjPEZOFvQmLyNZX9YVz3T-eGe623mYdvgp8Y2re2W1F-5Sctyqzq9ph36DhxMsqFW25pEZQF-ioAM3TkHoVEx5x-0jW3yXVPnE3W_S_zChlegHI-IwhBXnNZi5ulAWvtG9duVSySl07KHbxUC_AKkLe0xRyct8qb6n8B_lEu6cifG7ow0DYKFHyro8nXD0mFvUIURawfRRFKNlKBSZtIYnreIoyxzl91R_ETfFK-1zF9J66W2R1Fp1lv1-9CUUOJ3Hz2IWAsrDH3MWGIYt1heisAe3Ey64gn4oOjyhnAIv4KXb2RIZiX5Lh0XPw3CsiyJ0idkOGP-LoLTmPyBOmuxPRJWoxRnVVe55AhJ581Ayy0KJQ8jtyoHXg_bAZ_ODuLQOCTYov8QS_nLS8s-S38VqtnhenNUCARURBgPhOjm9fK7tGtFknKhkWxcHEyRI2FuFXSTwxRd9sI3CU7YLS4qScjIuWBUlEr_29cCb0aSBGQ4H0M1wCFJRUxJ0gbhYjFuPnvsFui2Qm92E982gKZrjPjfZZaXHRlmerpFBjH70je-0_k4mmfnajc05tQmedpRcMJkZclv0TIigx6AGw_0vOxD_MeiUtS2loEt8rpkigE0DW6jFieB4rf-SqR6GNbqVyB5ZmNNPBucEFSTKlq1CaiJnXYSpLs8H1Pf_KlvxKPw_o8Qf0J1m0plI21-loIiXG4H8_MbwW9Z7XhcxtjHeylP8C1l6-n8tTw6ABVtICpU3t1b7vi7iWHUQG0YhcuOdPFX5IwJiV_xsHd2TuDfyHEymiAvwBwxgbJKZmgR1yiQcxOT92yU-9aUWOEQJ1f0Ryi7NXvNYFVJNv4TBoqHeixHhU33TNcU_2l7h-TM9KosdWKTXPfQmbupTBb7zauyjlUie5XCVSLbIHOyX5xFNJH3l0QgHzv5sTm7UJgXKyQPOzch9tCSE7nXitqF3DF4HIT7nrn8Zk6oUJ63xQyCkn2_s67PZRrSZPfqhOoBi8pwHrbFcJnnilPgHt3GuDwyWHS7WuH780HAttW4QII-l5KPtgSBliyZVtMGF0C63sVBB4KlnNk_OrHYxr1KZ00gb-Yv5JOQIwAgyt1ZcvckBdMOjCW0yq0VPkcLq_EG_A7W6eqTrZBhCGXwad-Did0xACbSW0kMiF8z9ilo9uhUiRPQ81oKMTmvcEN5Ykq0HXEY8nt9bB4RbSr4XKUyNAKXJNzaW1YZWsdPS7MsmQBxhu8aAmUSSo3A-NmCYc9y1RjeFHx1CQ2nvUCMeJNbmUL1Pj_O1QmLPHBYyS6oBqRHr1e0snuNYzVXlqjwEi1xb0DgLSbEuQxXdAccvnTeShbAg7U7eu5XI2y3gMMAcx002CCiYgHdukxgMxjjqgaiMF7Xx2Et9P-6cNUsh6tURoUCkfHSpBJewKZM_2rQAVZkh6NDZBcGTabqS9dBLTQkbmNoUZ8L_TDP62T4we8PTO2ZdM0Upr6O4vV4o92_DS6OXgOsUXFkWaet4jlfQL06xoEh89MRsUsBhjk2gc-N-qXZ_fHJPGqfCsOEfzhKfLTuUDjIcsPTAVXRBdi4xe8NOkZvPVaCaHmPMOHaCnVxXUtDXd6Z4Yu4wLQwQ4tx9H1vD7k9NtfhztG7I_l0TA_V_BPWi-b-i1E9y1ban_I9VeOyPWB0T50iFLCKyo14kM1qUVwN3EAecVj91UppzJOdtVO6EC_2DT9bI_lG1hGykm2aZvqgYXcbXFYfWfikoF09UIGURdbFDgrgeETT4QtyFw9Fao82SLy2pQZLmRpQUIhjSeGsuYVDX-Ts8Bi10WghQ6YoS9w6lvrkyRgTK7nnRigt9IvuBTaJFkuqsAuh5LmVOxSDn2BH0yKIJk3P9zSsWZlgtWu-9iJlpjYrUFfsJ9Qm-QqzUMTLbZWXcP6niRlqzeLYWs6RWolDSya_17h5IXuOF5ENT0zIMt7Da7IMiwfYqTycTT0JyrpEz-bWvR3XzmhghCc73B56rWapcpDlx9suRRNsPnBaoN_2GtA5PdbbEDlqZKBmMJhM8XYIctQ1xix571VWR13vbz0AfI84oW3xB3W5MPIw8ISzdlz-xzyt_lB1QCtatFcIWw98Bcw0ooGjs1u0jJ8v749VrywtwJ8IokA-OxPxbUCnwanda7Uhd7zRW9TyUtWBEiH1myjoebFmQNylL3aUsD-OPypg2b-yMdOHq7B8fgf8-5Hvpe8N-6WQnqq4uT3VM5IM_0wGmlmuj1bnM4AL9GOhexO8-MMdpNbB-0xgsYAETFR7TqpK3ixQYVvA7po8JfefJCH5FaO1hZg7NPcsU0-w8CC0gVmvgOW_JY_CnDgtpurmR83GDEMTuvUDoejYcG58CL-Tg6pbMusxgfolxb_Phk7v8dGkHh3x7ZrQaZjkb-1x3LS9m2KGiwR1EWggnez4J75Cel-1FHa9oFrOl2VRtAeSVZqdEEyg0q6P5xoJ22HO1vZqACUnpNC6kgYQJkPDxaqSBZ6HQxIehOcj4nkhG6X5x3irWq05kEaCzjfCzWQeW3vIhJ8iVeFoN9_R9KEGc8o8LhEr89L4FmJ6XiPn8nwxpO_aCrA8mN8z9yyqPGZ0DyxxzOFivHzF6Dk83WhmUs5rzvfQwlBJ6DtbZJ-wKO5B7d3KtC_ZpotQti8DAlosECHkArrkK_99hwdA0hIX76eFRycV_5TliRCo2oa2aSilEcPWcAfzp290bxA4Lq_kr-tAHiyHPdGtHYhDikRQ6FfCswpK91qoIPaKTeuveN-BYCikVCH&cid=CAASEuRo-nIt7Gn1fiNvtrrBOCt4kw&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a68d21b51ca94f5e2dc531b744fb1179a40938742f329a9058355f421ec326fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29222
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADF5 42 B
63 B 56ms
56ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdkYmcY8CYFVJxo_3pofhTsJITpHwNON3QGhz7vqJiVQSW_nHp25rJxJrKD7EWQ6GiI58HiICI2Z4ZFbJLJ57nL924yBjE41FdtBXHkLIi3o_VF1A

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame ADF5 3 KB
1 KB 26ms
25ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:47:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADF5 120 KB
37 KB 63ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame ADF5 14 KB
6 KB 29ms
28ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ADF5 0
0 36ms
34ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbDstu9DFO4ETRsCLfk1vrs4OAmNCHQE2MZiHBRIA9tc1gOJ3ZOlxT-NCuCbWfawQ6Bt_PCbsW8GaO3N4n09H5wjpoOA
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 6F73 1 KB
420 B 33ms
32ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 13:51:55 GMT
server: ESF
date: Mon, 25 Oct 2021 13:55:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6F73 16 KB
16 KB 34ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: afc2ddf71398f10c6e954b930e5796908b7d21b413479c7b36041b56166360be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16465
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6F73 15 KB
15 KB 34ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 679654b5f692831b932dbaded0b5bdef3e39d03dd99593d2bd38d9bb6da53ba0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15250
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6F73 16 KB
16 KB 34ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 667ff4d0a37819907a9da2e5e27e4e2e01db75ac6cc398e84b56095ce2fe2bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B0E5 80 KB
31 KB 54ms
30ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dbbe17ffa2c6ecf7f51928c8c7b16a626d543fadbde1c956104eeaa892a861a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31896
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame CE91 80 KB
31 KB 65ms
42ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dbbe17ffa2c6ecf7f51928c8c7b16a626d543fadbde1c956104eeaa892a861a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31896
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F846 1 KB
420 B 34ms
33ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:23:09 GMT
server: ESF
date: Mon, 25 Oct 2021 13:55:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F846 16 KB
16 KB 34ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4bfeaf4bb8564f95f00ad068504592cc2716a515420180f5b72c121e261ae393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F846 15 KB
15 KB 35ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 679654b5f692831b932dbaded0b5bdef3e39d03dd99593d2bd38d9bb6da53ba0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15250
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F846 16 KB
16 KB 35ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 667ff4d0a37819907a9da2e5e27e4e2e01db75ac6cc398e84b56095ce2fe2bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 36B3 51 KB
51 KB 44ms
7ms Script
application/javascript 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=39570700125856400710612011758018&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 30427
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 25 Oct 2021 05:28:00 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: nJmHzwf712HPg68m3DKmdFzQ3pQbk1FktwaWfTL2KMD93tU_VlUR3w==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 36B3 85 B
552 B 498ms
442ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=18170200110046300951433011758021&wglinkid=498343
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: cache-not-used
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 85
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 5388 80 KB
31 KB 26ms
25ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cd06ffdf5ccabb029d0dc8275bb48b4fc234350cbd7cb8de6cc348e8e47bfc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31894
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F840 51 KB
51 KB 49ms
14ms Script
application/javascript 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=25452000104720100710612011758003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 30427
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 25 Oct 2021 05:28:00 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: mvG1LMyTxccWRqt-ie2T2PiHwwYFZiKu1y6a_6uSgiXGCefjJ76VMQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame F840 3 KB
3 KB 87ms
32ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=20536700120285900710624011758019&wglinkid=2513145
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2082 4 KB
650 B 33ms
32ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 13:53:29 GMT
server: ESF
date: Mon, 25 Oct 2021 13:55:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2082 16 KB
16 KB 36ms
13ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4bfeaf4bb8564f95f00ad068504592cc2716a515420180f5b72c121e261ae393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2082 15 KB
15 KB 35ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 679654b5f692831b932dbaded0b5bdef3e39d03dd99593d2bd38d9bb6da53ba0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15250
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2082 16 KB
16 KB 37ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 667ff4d0a37819907a9da2e5e27e4e2e01db75ac6cc398e84b56095ce2fe2bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8FEB 80 KB
31 KB 37ms
36ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cd06ffdf5ccabb029d0dc8275bb48b4fc234350cbd7cb8de6cc348e8e47bfc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31894
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3749 35 KB
13 KB 25ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5CE9 1 KB
420 B 33ms
32ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 12:24:05 GMT
server: ESF
date: Mon, 25 Oct 2021 13:55:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5CE9 16 KB
16 KB 71ms
12ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4bfeaf4bb8564f95f00ad068504592cc2716a515420180f5b72c121e261ae393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5CE9 15 KB
15 KB 75ms
13ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 679654b5f692831b932dbaded0b5bdef3e39d03dd99593d2bd38d9bb6da53ba0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15250
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5CE9 16 KB
16 KB 76ms
13ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 667ff4d0a37819907a9da2e5e27e4e2e01db75ac6cc398e84b56095ce2fe2bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AC46 51 KB
51 KB 51ms
19ms Script
application/javascript 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=43215700121998400710616011758016&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 30427
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 25 Oct 2021 05:28:00 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: 8NkZnugp2_0hppje-jYg5LnrfFIUt88flr7ec1RTEM4A6EUJBPz1_Q==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame AC46 85 B
552 B 541ms
486ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=14033300100142800710612011758015&wglinkid=498343
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: cache-not-used
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 85
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data
b190.s79.research.de.com/ Frame 98F0 43 B
308 B 11ms
10ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/data?/lJAMEPGAA+rvFro0F0wF6vAvkE5uFhtFvuBrpFl2Fu1EhgBo0F0wF6vAvkE5uFhtFvuBrpFl2Fu1EhBFLruFCLkqFFlqwFyyAw0Az0AL2vFBlqwFyyAw0Az0ALkmFBTkzFkQ5CAAAAAAAYAAAAmDAQAAAAAAAAAXAAAAmDARksFAQtjFaJwRSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:05 GMT

GET
H3 200 dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464
adservice.google.com/ddm/fls/z/ Frame 0A4C 42 B
63 B 60ms
59ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ36xKrb5fMCFVPu5godVkkPoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2231180193822.0464?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415
adservice.google.com/ddm/fls/z/ Frame 0AA0 42 B
63 B 58ms
58ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMnQxKrb5fMCFcilUQodvKMA_g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=408331128919.2415?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136
adservice.google.com/ddm/fls/z/ Frame 7CA2 42 B
63 B 60ms
60ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNbSxKrb5fMCFQGwUQodNyoKpw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3505430478327.4136?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9D32 51 KB
51 KB 7ms
7ms Script
application/javascript 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=99822300098877200710612011758012&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 30427
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 25 Oct 2021 05:28:00 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: Lrbn2AVHJpQPSjZJeEhyXo9n-dHZLWXuQqsnMPtR0xmt2HHKBcufgg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 9D32 85 B
552 B 501ms
441ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=18170200110046300951433011758021&wglinkid=498343
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=99822300098877200710612011758012&nw=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:06 GMT
Last-Modified: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: cache-not-used
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 85
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3B3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPJtjnsTR44qzWdv1HVA6MZM_VNSbseO6rasaxGEsGdU06IaWBFL022fzkLrgkaK3pRvD5D-bK1...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPJtjnsTR44qzWdv1HVA6MZM_VNSbseO6rasaxGEsGdU06IaWBFL022fzkLrgkaK3...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3B3
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGgV6HMvZdINwn0ufaWXHvg&google_cver=1&google_push=AYg5qPIZCUALz8bTyaX57PR4iSZcsVRAB3XdtJo-u6LPm8cR7lH_5lwwFEgcy-ne7DoJXh3wnQqekznIOgX4Cc...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIZCUALz8bTyaX57PR4iSZcsVRAB3XdtJo-u6LPm8cR7lH_5lwwFEgcy-ne7DoJXh3wnQqekznIOgX4CcqD_9V57VKDdJGmng&google_hm=hmF2tznqSPXeMAX...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIZCUALz8bTyaX57PR4iSZcsVRAB3XdtJo-u6LPm8cR7lH_5lwwFEgcy-ne7DoJXh3wnQqekznIOgX4CcqD_9V57VKDdJGmng&google_hm=hmF2tznqSPXeMAXDhQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6176B739EA48F5DE3005C385BLIS

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIZCUALz8bTyaX57PR4iSZcsVRAB3XdtJo-u6LPm8cR7lH_5lwwFEgcy-ne7DoJXh3wnQqekznIOgX4CcqD_9V57VKDdJGmng&google_hm=hmF2tznqSPXeMAXDhQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6176B739EA48F5DE3005C385BLIS
date: Mon, 25 Oct 2021 13:55:06 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3B3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBTgPXc5iZBMZWgAmyXYRUI&google_cver=1&google_push=AYg5qPIZtEh4MhNiotEynulkSHTtigxoiJzO1yIgwFXhS56nE97f_pKAXe3MyQU35LnP4Rvw9zw3A3d9aAmVSC...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPIZtEh4MhNiotEynulkSHTtigxoiJzO1yIgwFXhS56nE97f_pKAXe3MyQU35LnP4Rvw9zw3A3d9aAmVSCDkOY...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPIZtEh4MhNiotEynulkSHTtigxoiJzO1yIgwFXhS56nE97f_pKAXe3MyQU35LnP4Rvw9zw3A3d9aAmVSCDkOYDeqF8oJ6UzKQ

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPIZtEh4MhNiotEynulkSHTtigxoiJzO1yIgwFXhS56nE97f_pKAXe3MyQU35LnP4Rvw9zw3A3d9aAmVSCDkOYDeqF8oJ6UzKQ
Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3B3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI0Z3tk0fGPEaD4FeXi8nfE&google_cver=1&google_push=AYg5qPLF-Q0IpGInjRq_3Na5TCRwm8rupT5X3jA5p8-7u0hc3Lb6f3WoWXHyCqekpzpg6rSUgM2luGoXTMSVrYmG...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPLF-Q0IpGInjRq_3Na5TCRwm8rupT5X3jA5p8-7u0hc3Lb6f3WoWXHyCqekpzpg6rSUgM2luGoXTMSVrYmG0T-FQiqP5wrvcA

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPLF-Q0IpGInjRq_3Na5TCRwm8rupT5X3jA5p8-7u0hc3Lb6f3WoWXHyCqekpzpg6rSUgM2luGoXTMSVrYmG0T-FQiqP5wrvcA

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Oct 2021 13:55:06 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPLF-Q0IpGInjRq_3Na5TCRwm8rupT5X3jA5p8-7u0hc3Lb6f3WoWXHyCqekpzpg6rSUgM2luGoXTMSVrYmG0T-FQiqP5wrvcA
x-host: tde-deliveryengine-production-7f8fcb5db4-jpgk8
alt-svc: clear
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A3B3 0
12 B 34ms
34ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-oU_ztNTGiU7gK-q3r4MsYYi0EmwVVgmxxjoanGSAjhWL7EEx

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38
adservice.google.com/ddm/fls/z/ Frame 4A14 42 B
63 B 59ms
59ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CN7oyKrb5fMCFbX21QodZEsKIA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890736738240.38?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame ADF5 114 KB
39 KB 59ms
28ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
Origin: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:05:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame ADF5 8 KB
3 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BquTwJhFvzO6BVAhBPbOA4qyvSFqexh4YfEVi52L7wTVb6Q1KazX_FZlcstpQu83aWoRqxVjPuL5_GtSMEKzJ2fEuwhNpkNJko2VIdCx-hLoUX3FYlKljqkrMztOCOloLatd-vdu8RkTk8-8ohFl52TnTQrQ&dbm_d=AKAmf-DyT4rTKi6l-Fall_6UdxoEpJLCvCv_n6KXyzmsx6xHZg5xG34IWZOCOMwqtAaVqh7ez2K-5wpyPLmAPUTw71mGmNizJaiLXVRPz3fP4OzH-w3kaykxSGXtOOxBpFEGW_8Frx6g6jsPMSVXffxfhwk8eH9GYifZM-8mt4qjOUFOLVUahXOPm17CZD9FFs57t6_fkj6DuHtlVzyc9Z2y1RlhX8j6qj6bre6zTZxhIH1lMyLs4KSBFWq7iBuVZZL1PnES3Yy9LoR0IR87VBQ-4CRZiIxcg5PS9Gk3jM6OvCezSF4IJIFLJB4jHJVGXEK7CYmAA9R-ntSAxkIo0c_ie8wymaqJW9umOSy7jt49Mr8bmjPEZOFvQmLyNZX9YVz3T-eGe623mYdvgp8Y2re2W1F-5Sctyqzq9ph36DhxMsqFW25pEZQF-ioAM3TkHoVEx5x-0jW3yXVPnE3W_S_zChlegHI-IwhBXnNZi5ulAWvtG9duVSySl07KHbxUC_AKkLe0xRyct8qb6n8B_lEu6cifG7ow0DYKFHyro8nXD0mFvUIURawfRRFKNlKBSZtIYnreIoyxzl91R_ETfFK-1zF9J66W2R1Fp1lv1-9CUUOJ3Hz2IWAsrDH3MWGIYt1heisAe3Ey64gn4oOjyhnAIv4KXb2RIZiX5Lh0XPw3CsiyJ0idkOGP-LoLTmPyBOmuxPRJWoxRnVVe55AhJ581Ayy0KJQ8jtyoHXg_bAZ_ODuLQOCTYov8QS_nLS8s-S38VqtnhenNUCARURBgPhOjm9fK7tGtFknKhkWxcHEyRI2FuFXSTwxRd9sI3CU7YLS4qScjIuWBUlEr_29cCb0aSBGQ4H0M1wCFJRUxJ0gbhYjFuPnvsFui2Qm92E982gKZrjPjfZZaXHRlmerpFBjH70je-0_k4mmfnajc05tQmedpRcMJkZclv0TIigx6AGw_0vOxD_MeiUtS2loEt8rpkigE0DW6jFieB4rf-SqR6GNbqVyB5ZmNNPBucEFSTKlq1CaiJnXYSpLs8H1Pf_KlvxKPw_o8Qf0J1m0plI21-loIiXG4H8_MbwW9Z7XhcxtjHeylP8C1l6-n8tTw6ABVtICpU3t1b7vi7iWHUQG0YhcuOdPFX5IwJiV_xsHd2TuDfyHEymiAvwBwxgbJKZmgR1yiQcxOT92yU-9aUWOEQJ1f0Ryi7NXvNYFVJNv4TBoqHeixHhU33TNcU_2l7h-TM9KosdWKTXPfQmbupTBb7zauyjlUie5XCVSLbIHOyX5xFNJH3l0QgHzv5sTm7UJgXKyQPOzch9tCSE7nXitqF3DF4HIT7nrn8Zk6oUJ63xQyCkn2_s67PZRrSZPfqhOoBi8pwHrbFcJnnilPgHt3GuDwyWHS7WuH780HAttW4QII-l5KPtgSBliyZVtMGF0C63sVBB4KlnNk_OrHYxr1KZ00gb-Yv5JOQIwAgyt1ZcvckBdMOjCW0yq0VPkcLq_EG_A7W6eqTrZBhCGXwad-Did0xACbSW0kMiF8z9ilo9uhUiRPQ81oKMTmvcEN5Ykq0HXEY8nt9bB4RbSr4XKUyNAKXJNzaW1YZWsdPS7MsmQBxhu8aAmUSSo3A-NmCYc9y1RjeFHx1CQ2nvUCMeJNbmUL1Pj_O1QmLPHBYyS6oBqRHr1e0snuNYzVXlqjwEi1xb0DgLSbEuQxXdAccvnTeShbAg7U7eu5XI2y3gMMAcx002CCiYgHdukxgMxjjqgaiMF7Xx2Et9P-6cNUsh6tURoUCkfHSpBJewKZM_2rQAVZkh6NDZBcGTabqS9dBLTQkbmNoUZ8L_TDP62T4we8PTO2ZdM0Upr6O4vV4o92_DS6OXgOsUXFkWaet4jlfQL06xoEh89MRsUsBhjk2gc-N-qXZ_fHJPGqfCsOEfzhKfLTuUDjIcsPTAVXRBdi4xe8NOkZvPVaCaHmPMOHaCnVxXUtDXd6Z4Yu4wLQwQ4tx9H1vD7k9NtfhztG7I_l0TA_V_BPWi-b-i1E9y1ban_I9VeOyPWB0T50iFLCKyo14kM1qUVwN3EAecVj91UppzJOdtVO6EC_2DT9bI_lG1hGykm2aZvqgYXcbXFYfWfikoF09UIGURdbFDgrgeETT4QtyFw9Fao82SLy2pQZLmRpQUIhjSeGsuYVDX-Ts8Bi10WghQ6YoS9w6lvrkyRgTK7nnRigt9IvuBTaJFkuqsAuh5LmVOxSDn2BH0yKIJk3P9zSsWZlgtWu-9iJlpjYrUFfsJ9Qm-QqzUMTLbZWXcP6niRlqzeLYWs6RWolDSya_17h5IXuOF5ENT0zIMt7Da7IMiwfYqTycTT0JyrpEz-bWvR3XzmhghCc73B56rWapcpDlx9suRRNsPnBaoN_2GtA5PdbbEDlqZKBmMJhM8XYIctQ1xix571VWR13vbz0AfI84oW3xB3W5MPIw8ISzdlz-xzyt_lB1QCtatFcIWw98Bcw0ooGjs1u0jJ8v749VrywtwJ8IokA-OxPxbUCnwanda7Uhd7zRW9TyUtWBEiH1myjoebFmQNylL3aUsD-OPypg2b-yMdOHq7B8fgf8-5Hvpe8N-6WQnqq4uT3VM5IM_0wGmlmuj1bnM4AL9GOhexO8-MMdpNbB-0xgsYAETFR7TqpK3ixQYVvA7po8JfefJCH5FaO1hZg7NPcsU0-w8CC0gVmvgOW_JY_CnDgtpurmR83GDEMTuvUDoejYcG58CL-Tg6pbMusxgfolxb_Phk7v8dGkHh3x7ZrQaZjkb-1x3LS9m2KGiwR1EWggnez4J75Cel-1FHa9oFrOl2VRtAeSVZqdEEyg0q6P5xoJ22HO1vZqACUnpNC6kgYQJkPDxaqSBZ6HQxIehOcj4nkhG6X5x3irWq05kEaCzjfCzWQeW3vIhJ8iVeFoN9_R9KEGc8o8LhEr89L4FmJ6XiPn8nwxpO_aCrA8mN8z9yyqPGZ0DyxxzOFivHzF6Dk83WhmUs5rzvfQwlBJ6DtbZJ-wKO5B7d3KtC_ZpotQti8DAlosECHkArrkK_99hwdA0hIX76eFRycV_5TliRCo2oa2aSilEcPWcAfzp290bxA4Lq_kr-tAHiyHPdGtHYhDikRQ6FfCswpK91qoIPaKTeuveN-BYCikVCH&cid=CAASEuRo-nIt7Gn1fiNvtrrBOCt4kw&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame ADF5 23 KB
9 KB 26ms
25ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 13:54:19 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8676
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL7XrpCLZX7Y0tH2QytQYFc&google_cver=1&google_push=AYg5qPJtrXBKba1x4TgHhOAHAyqT3R1zLXH8i01YiQ009SjYue-GehAwmoWcwM_2i8xrVxjqigSMqk3T3lI6JJ3hOV8VmFGXLZEJsA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg3OTQ3MTI5ODUwOTc5OTgyNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL7XrpCLZX7Y0tH2QytQYFc&google_cver=1

43 B
407 B

30ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL7XrpCLZX7Y0tH2QytQYFc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL7XrpCLZX7Y0tH2QytQYFc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8676
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENBmm2_22fAOP8G3GG90ih0&google_cver=1&google_push=AYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBmm2_22fAOP8G3GG90ih0&google_cver=1&google_push=AYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKg...

43 B
440 B

168ms
160ms

Image
image/gif

104.18.12.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBmm2_22fAOP8G3GG90ih0&google_cver=1&google_push=AYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104293&bpp=14&bdt=112&idt=452&shv=r20211020&mjsv=m202110200101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=2&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=567177516&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=11454&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=21066429%2C31063253%2C31062526%2C31063166%2C31063183&oid=2&pvsid=3839966302367793&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.mzo0fcj03kpu&btvi=1&fsb=1&dtd=464
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a3bf0cffc4d7166-DUS
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 7870
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a3bf0ce78797166-DUS
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBmm2_22fAOP8G3GG90ih0&google_cver=1&google_push=AYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLhUN5SDU3BFHEzuKIFAgxADiy17aCX-P1p_eB11D9iaAzxskIqxlDzG5O456p39CVC0LaJFzOEMWILmLyYiz8YiADfQKgB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8676
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPL9z8zjapt-oNVi2q8VDGxgnrQ1Iu...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPL9z8zjapt-oNVi2q8VDGxgnrQ1IuKYBGE3Cpop77cjzqMmVc5rg06T13oe3C9oSbK6hXJQ885ERfHTRMDCufPgXBdsPt7LhA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635170107.583119,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPL9z8zjapt-oNVi2q8VDGxgnrQ1IuKYBGE3Cpop77cjzqMmVc5rg06T13oe3C9oSbK6hXJQ885ERfHTRMDCufPgXBdsPt7LhA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 8676 43 B
65 B 32ms
30ms Image
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEAqzvBbkixL7bcngbdR368E&google_cver=1&google_push=AYg5qPKNhQ7rU8idIoWEvis8kSfqxuNwXEVa-HItJVqb2hHgK7IDc-9qsRpf3oeQl5oU9h2BsmYa8WHX-5vC8IbOWNB6fiwk2rCUDA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 13:55:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8676
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CWvwwinhStqtQvuV9ile4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CWvwwinhStqtQvuV9ile4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKZJtQN484phXMPONIR4hv_dS5WoZW-gdE3O-vUP6a4MG4JEXo2WiFnRpFqbcjd-MNTkTe4dnnqrOheoviGWKM-B9IZHga1AA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CWvwwinhStqtQvuV9ile4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKZJtQN484phXMPONIR4hv_dS5WoZW-gdE3O-vUP6a4MG4JEXo2WiFnRpFqbcjd-MNTkTe4dnnqrOheoviGWKM-B9IZHga1AA
date: Mon, 25 Oct 2021 13:55:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8676
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIgQYPqhtJ2XzyHceb9gZlM&google_cver=1&google_push=AYg5qPJoVuM0Q7hWdPm9F5orWFGJJrAbPBLYMi4gPlXcBkG3Tt7nE517EUEpfpH3pY-N4jUiqViAjPEycGRiU8OY...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoVuM0Q7hWdPm9F5orWFGJJrAbPBLYMi4gPlXcBkG3Tt7nE517EUEpfpH3pY-N4jUiqViAjPEycGRiU8OYFRWpYE7FbIf3ww

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoVuM0Q7hWdPm9F5orWFGJJrAbPBLYMi4gPlXcBkG3Tt7nE517EUEpfpH3pY-N4jUiqViAjPEycGRiU8OYFRWpYE7FbIf3ww

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Oct 2021 13:55:06 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoVuM0Q7hWdPm9F5orWFGJJrAbPBLYMi4gPlXcBkG3Tt7nE517EUEpfpH3pY-N4jUiqViAjPEycGRiU8OYFRWpYE7FbIf3ww
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: QkhScyAO2lcxk5BxyA7nYiYdDyOKAKsfuerxm5RDCRpPtlThNubTUw==

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 8676 43 B
65 B 41ms
40ms Image
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESENY-vbBdyKfc8kJApBjgi3g&google_cver=1&google_push=AYg5qPKScV2v1Xq6uRwhX51vKj26fHkAstxxE0zfe-ON9lwCBYxkHucRJca_gHi5HEb1UcHFfPHTQo4kAXhs7ZCYlsgXRCuFVMzcGXs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 13:55:06 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8676 0
12 B 40ms
39ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJkRLdqJODjor5riZn-93rSB1hmWhW4N7KJn2VOLkOSOoolu6SkJ4dJW9FGBDYBzF-gW1USg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 98F0 0
23 B 98ms
60ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame 6F73 0
150 B 36ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=39570700125856400710612011758018&a=4399dac7&vb=m
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=39570700125856400710612011758018&a=a91e96a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 txt1@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 2 KB
2 KB 22ms
22ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt1@2x.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

b02a3233f069f3f0ccfd31f2021073f91e74b438c7b69d201dd5c1719557f321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
age: 84306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1685
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 14:30:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 2 KB
1 KB 23ms
22ms Image
image/svg+xml 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/logo.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 19:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 19:26:12 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 24 KB
24 KB 23ms
23ms Image
image/jpeg 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/bg1@2x.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614953&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104370&bpp=15&bdt=130&idt=399&shv=r20211020&mjsv=m202110190101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1687090472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31063252%2C44748552&oid=2&pvsid=2129748362678624&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.z5sgncz6q8hb&fsb=1&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

b2732f593e4de0876048948d71b5c75f140349eaed97c3d2b15a25fa74863058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:54:25 GMT
x-content-type-options: nosniff
age: 7241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24287
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:54:25 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 487F
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEE9B3m8gD6LgMc7cHRr9_hk&google_cver=1&google_push=AYg5qPLfgBMpEbNyoctDIOh1rfLX8RbjMjA-GGpHG4BxEw529gd98MEclGJpM4r8VNV4V1W9qEvHyLaiB3kmqwLgVBGzGjs...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLfgBMpEbNyoctDIOh1rfLX8RbjMjA-GGpHG4BxEw529gd98MEclGJpM4r8VNV4V1W9qEvHyLaiB3kmqwLgVBGzGjsb2AMN&google_hm=NjYxMzIxMTk...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
816 B

63ms
16ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENoU262XZZpUa05kFlDx77s&google_cver=1&google_push=AYg5qPIPvngGGEm3kI6V55PhuB-gi-gbcU9ZqEXwKSLwdqvEGrD9sKR0UZy4AURM2vXYOzRGPfbDdQKR0ETzFOauBQb8...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=e19b13ac-75f9-465a-bf4b-93527a1f5e63
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=e19b13ac-75f9-465a-bf4b-93527a1f5e63
https://x.bidswitch.net/sync?dsp_id=4&user_id=227bff59-abf2-4a5f-ad9f-386bb4b60d5a&ssp=google&expires=30&user_group=5&bsw_param=e19b13ac-75f9-465a-bf4b-93527a1f5e63
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPvngGGEm3kI6V55PhuB-gi-gbcU9ZqEXwKSLwdqvEGrD9sKR0UZy4AURM2vXYOzRGPfbDdQKR0ETzFOauBQb8pAlx2R4&google_hm=4ZsTrHX5Rlq_S5NSeh9eYw==

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPvngGGEm3kI6V55PhuB-gi-gbcU9ZqEXwKSLwdqvEGrD9sKR0UZy4AURM2vXYOzRGPfbDdQKR0ETzFOauBQb8pAlx2R4&google_hm=4ZsTrHX5Rlq_S5NSeh9eYw==

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPvngGGEm3kI6V55PhuB-gi-gbcU9ZqEXwKSLwdqvEGrD9sKR0UZy4AURM2vXYOzRGPfbDdQKR0ETzFOauBQb8pAlx2R4&google_hm=4ZsTrHX5Rlq_S5NSeh9eYw==
Date: Mon, 25 Oct 2021 13:55:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0Dln...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFPWhbDyqyYlwxvmUELZm08&google_cver=1&google_push=AYg5qPIkXZaMRnNe0xnpejbEq6-a5B0ZpEQYi78GQnHJ65-FoS4fv5mfqHolklbP3Q2lulVvWA_Bmv...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIkXZaMRnNe0xnpejbEq6-a5B0ZpEQYi78GQnHJ65-FoS4fv5mfqHolklbP3Q2lulVvWA_BmveRglZMaZFBeROpcXh49w_X&google_hm=MjE0NjM2Nj...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIkXZaMRnNe0xnpejbEq6-a5B0ZpEQYi78GQnHJ65-FoS4fv5mfqHolklbP3Q2lulVvWA_BmveRglZMaZFBeROpcXh49w_X&google_hm=MjE0NjM2NjMxMjUwMjU2NzY4Nw%3D%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIkXZaMRnNe0xnpejbEq6-a5B0ZpEQYi78GQnHJ65-FoS4fv5mfqHolklbP3Q2lulVvWA_BmveRglZMaZFBeROpcXh49w_X&google_hm=MjE0NjM2NjMxMjUwMjU2NzY4Nw%3D%3D
date: Mon, 25 Oct 2021 13:55:05 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 487F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFGuRKbCvQP6kHEXpwxcDXs&google_cver=1&google_push=AYg5qPK3j52tLbd3GcfNqyCutL4-5lgX19vUAy1cLfmmQiwuOkDg0l8mYwEfG9BiBveJzx-_U7...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jd0hYcXhkRTJ1R3dNR2tKMW91S3ZVUExsT0dMLjZWUX5B&google_push=AYg5qPK3j52tLbd3GcfNqyCutL4-5lgX19vUAy1cLfmmQiwuOkDg0l8mY...

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jd0hYcXhkRTJ1R3dNR2tKMW91S3ZVUExsT0dMLjZWUX5B&google_push=AYg5qPK3j52tLbd3GcfNqyCutL4-5lgX19vUAy1cLfmmQiwuOkDg0l8mYwEfG9BiBveJzx-_U70l0p3WvAlh6A118DgDFnoW9C8Z0A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jd0hYcXhkRTJ1R3dNR2tKMW91S3ZVUExsT0dMLjZWUX5B&google_push=AYg5qPK3j52tLbd3GcfNqyCutL4-5lgX19vUAy1cLfmmQiwuOkDg0l8mYwEfG9BiBveJzx-_U70l0p3WvAlh6A118DgDFnoW9C8Z0A
Connection: keep-alive
Content-Length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 487F 43 B
65 B 33ms
27ms Image
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESENY-vbBdyKfc8kJApBjgi3g&google_cver=1&google_push=AYg5qPIqBNX_80jU7u13X1Seg8bLdfKI8xZIkFr3BFxtONIE4z3qYD7DeETsEx98EnkskHvQo-3m6volhVXH2d6CRoFacOy2t_JMHw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 13:55:06 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 487F 0
12 B 39ms
33ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LexwdWxfB2DbyCkuU0kWtmvEN0hVHa-8JoHV3GltFGAOv-cgso1nNlrn-b-zDXWcG3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104322&bpp=11&bdt=130&idt=497&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=1170011544&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=12607&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062945%2C31062525&oid=2&pvsid=4298614532813414&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.2nzg4gnld45t&btvi=1&fsb=1&dtd=512

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame FE24 35 B
210 B 18ms
6ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGeSQdwfJ7EwDohvvlbpWY4&google_cver=1&google_push=AYg5qPJmUki3NZI1mE1nBAoybm9zCAJRJhtxKspR8KNQz05nZM7x67vAxiZUenokfjsitSLEJyN37r-gsu73mw2h1TeZlbRz86k

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame FE24 0
103 B 23ms
11ms Image
text/plain 64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJmnno4ucqsDuEOkIIxGhUc&google_cver=1&google_push=AYg5qPKkRnUyyr9XroFXBffV0ICd_MeiXRlUzYJnrGdizNtmylffqb8-ut_3b89CUX7VYW1tpIgpKMI6tsQHvEXrDanEi-a1CbqO
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE24
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPK_7GvbWxIYDEMSIHYdCi4qFFCmnu...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPK_7GvbWxIYDEMSIHYdCi4qFFCmnu1qZDV3VmUyiF1JENxUbC9y21s36Wz1P_M_XN6hWdv6uzkqvjSci2hqQ2tkZWtjTpYL

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635170107.627095,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPK_7GvbWxIYDEMSIHYdCi4qFFCmnu1qZDV3VmUyiF1JENxUbC9y21s36Wz1P_M_XN6hWdv6uzkqvjSci2hqQ2tkZWtjTpYL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE24
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPIWpYPX7SB0pA8jA5QLilESAJtkHO0tDMsitGW74K28R45Cb9wu5lkkz17lHM4F-s52DJkmaxn...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE24
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOny4d8ujBQ7I69pgyh_aMU&google_cver=1&google_push=AYg5qPKK7tsHJq_T9qOAQRslR7bkYX_pfyxcn6Q8CD8iYABSD6vA2ii9UpAPx63t87OuFibeEQZhPuR0...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPKK7tsHJq_T9qOAQRslR7bkYX_pfyxcn6Q8CD8iYABSD6vA2ii9UpAPx63t87OuFibeEQZhPu...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPKK7tsHJq_T9qOAQRslR7bkYX_pfyxcn6Q8CD8iYABSD6vA2ii9UpAPx63t87OuFibeEQZhPuR0dUFhLEfqLVZPjNzKdmk

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPKK7tsHJq_T9qOAQRslR7bkYX_pfyxcn6Q8CD8iYABSD6vA2ii9UpAPx63t87OuFibeEQZhPuR0dUFhLEfqLVZPjNzKdmk
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE24
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOny4d8ujBQ7I69pgyh_aMU&google_cver=1&google_push=AYg5qPIK6yjCZuqDyWq72c1rsB00wTmk9TDbaea3ZLekdCUnFRyYWgxW-4RAjyp4fr7mHFz_3RZ-Uxtz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPIK6yjCZuqDyWq72c1rsB00wTmk9TDbaea3ZLekdCUnFRyYWgxW-4RAjyp4fr7mHFz_3RZ-Ux...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPIK6yjCZuqDyWq72c1rsB00wTmk9TDbaea3ZLekdCUnFRyYWgxW-4RAjyp4fr7mHFz_3RZ-Uxtzmw70LlYQoha_sgHu_ih2

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPIK6yjCZuqDyWq72c1rsB00wTmk9TDbaea3ZLekdCUnFRyYWgxW-4RAjyp4fr7mHFz_3RZ-Uxtzmw70LlYQoha_sgHu_ih2
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE24
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEITSH1ylGvgZJCkO29t_y80&google_cver=1&google_push=AYg5qPIqZu4cq68vjS89adJuJdSfwkhgdTQzYQIoFZTrrciFfmoE-8gZuztFm4PdRVmIyQzCuL3laNGeh5r9CldxN_44p7JgS7s
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIqZu4cq68vjS89adJuJdSfwkhgdTQzYQIoFZTrrciFfmoE-8gZuztFm4PdRVmIyQzCuL3laNGeh5r9CldxN_44p7JgS7s&google_hm=IXlpRgWZwNMJYLrbRkzzjg==

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIqZu4cq68vjS89adJuJdSfwkhgdTQzYQIoFZTrrciFfmoE-8gZuztFm4PdRVmIyQzCuL3laNGeh5r9CldxN_44p7JgS7s&google_hm=IXlpRgWZwNMJYLrbRkzzjg==

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIqZu4cq68vjS89adJuJdSfwkhgdTQzYQIoFZTrrciFfmoE-8gZuztFm4PdRVmIyQzCuL3laNGeh5r9CldxN_44p7JgS7s&google_hm=IXlpRgWZwNMJYLrbRkzzjg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: i76eeomf3djue9tdf7qnkt3dfl4j4qrj

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FE24 0
12 B 41ms
35ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUu7f8YbpR2qOf56aMLbyOpXer33eYhyGeroiBWWDKfXELJmUeVgSd2tkCSIEIVUGvt39m

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPKO85Z_HwOZIu2PAKT1o1jrC4_1Z2...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPKO85Z_HwOZIu2PAKT1o1jrC4_1Z2q6p7BgqEU0DBNr69wkfue4eiJRPw7kys3AI2KqEbP4LO_G2k52ntZC-hQie7OmHqfqpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635170107.627277,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhhM09RQUwxbjFlZEFBNg==&google_gid=CAESEEBysGKAewuaBC-8SfSUsxw&google_cver=1&google_push=AYg5qPKO85Z_HwOZIu2PAKT1o1jrC4_1Z2q6p7BgqEU0DBNr69wkfue4eiJRPw7kys3AI2KqEbP4LO_G2k52ntZC-hQie7OmHqfqpg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B0EB 70 B
265 B 111ms
38ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMnja0IfCW0lCGx2cD034u0&google_cver=1&google_push=AYg5qPL4PBN5SE3gjS2KcOSSKWTdjkFjE8gMF4ZwoqIn6m5uHIUkAgjqyEz0oPsnTa1HFGDcenU95oQAvOicoVOcToR9yxt9Bt9h
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOny4d8ujBQ7I69pgyh_aMU&google_cver=1&google_push=AYg5qPJz5ZwnE7YiZsJlAJcpC-dyTMkbeNuy3rYAIDBbReO_EmdW-fJn9becfSjxBgq_cmn87876WuHN...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPJz5ZwnE7YiZsJlAJcpC-dyTMkbeNuy3rYAIDBbReO_EmdW-fJn9becfSjxBgq_cmn87876Wu...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPJz5ZwnE7YiZsJlAJcpC-dyTMkbeNuy3rYAIDBbReO_EmdW-fJn9becfSjxBgq_cmn87876WuHNY1C-t10WzXXM16i6iuHgWg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAxOTc4MjYwOTExNDcxNjAxNQ&google_push=AYg5qPJz5ZwnE7YiZsJlAJcpC-dyTMkbeNuy3rYAIDBbReO_EmdW-fJn9becfSjxBgq_cmn87876WuHNY1C-t10WzXXM16i6iuHgWg
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMscPp4IJpey82yFNfSO--g&google_cver=1&google_push=AYg5qPLY_xvjMb3pn7ydqQKp_-G6mATntQCWCzHLIEkTaKbmM_uU-4l9AGkMMepx4_ThGEvkr4O...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI5NlQtMTUtSjVZRA==&google_push=AYg5qPLY_xvjMb3pn7ydqQKp_-G6mATntQCWCzHLIEkTaKbmM_uU-4l9AGkMMepx4_ThGEvkr4O5WMPwp5oVX3A3Hm_YRPwIJJDQ

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI5NlQtMTUtSjVZRA==&google_push=AYg5qPLY_xvjMb3pn7ydqQKp_-G6mATntQCWCzHLIEkTaKbmM_uU-4l9AGkMMepx4_ThGEvkr4O5WMPwp5oVX3A3Hm_YRPwIJJDQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y2UTI5NlQtMTUtSjVZRA==&google_push=AYg5qPLY_xvjMb3pn7ydqQKp_-G6mATntQCWCzHLIEkTaKbmM_uU-4l9AGkMMepx4_ThGEvkr4O5WMPwp5oVX3A3Hm_YRPwIJJDQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame B0EB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04Pb...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EB
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.targeting.unrulymedia.com/csync/RX-bfca86da-0e65-4f6d-ae97-c0b6c74a8afa-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK6QiMclVuVDS6qjlB0X...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6QiMclVuVDS6qjlB0X5CuUOfc2pRQHdqxPE43-eng45vqLgOTA2x48AHBeG7MdwqH4dq7KxRS_iAbsYkft_zEN-Gtk_XX-w&google_hm=A7_KhtoOZU9trpfAtsdKivo

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6QiMclVuVDS6qjlB0X5CuUOfc2pRQHdqxPE43-eng45vqLgOTA2x48AHBeG7MdwqH4dq7KxRS_iAbsYkft_zEN-Gtk_XX-w&google_hm=A7_KhtoOZU9trpfAtsdKivo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6QiMclVuVDS6qjlB0X5CuUOfc2pRQHdqxPE43-eng45vqLgOTA2x48AHBeG7MdwqH4dq7KxRS_iAbsYkft_zEN-Gtk_XX-w&google_hm=A7_KhtoOZU9trpfAtsdKivo
date: Mon, 25 Oct 2021 13:55:06 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXbfca86da0e654f6dae97c0b6c74a8afa003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0EB
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMwg6nGfvx9gIe6y60IRd0I&google_cver=1&google_push=AYg5qPIGQRlA1LxVwORnmTrkuMzgTViyhYUohVgMXE6SCineHQjRnejLL0BB7PwYhsiczpSkl6jDq-PuYWpv1vJniauEk_iJ1J...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPIGQRlA1LxVwORnmTrkuMzgTViyhYUohVgMXE6SCineHQjRnejLL0BB...

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPIGQRlA1LxVwORnmTrkuMzgTViyhYUohVgMXE6SCineHQjRnejLL0BB7PwYhsiczpSkl6jDq-PuYWpv1vJniauEk_iJ1Jiw9g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Njg0NDk4NTk2ODM1MzUxODA0NA%3D%3D&google_push=AYg5qPIGQRlA1LxVwORnmTrkuMzgTViyhYUohVgMXE6SCineHQjRnejLL0BB7PwYhsiczpSkl6jDq-PuYWpv1vJniauEk_iJ1Jiw9g
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B0EB 0
12 B 38ms
34ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCyIRagZz1HJQhA99nyMJcxiH7Rz3szLIM6YlgwiP-wOINZJUH2UsDpjeHdqMcq9QWV-sE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1635170104&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1635170104339&bpp=9&bdt=125&idt=513&shv=r20211020&mjsv=m202110140101&ptt=5&saldr=sa&correlator=100612073848&frm=23&ife=5&pv=1&ga_vid=697022990.1635170103&ga_sid=1635170103&ga_hid=284055804&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=236&ady=9238&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31062525%2C31062931&oid=2&pvsid=2178010999477247&pem=857&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.a770r4udf3gn&btvi=1&fsb=1&dtd=517

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame F846 0
150 B 36ms
13ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=25452000104720100710612011758003&a=dac06fd2&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=25452000104720100710612011758003&a=85368ccd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 2082 0
150 B 35ms
12ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=43215700121998400710616011758016&a=23363a05&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=43215700121998400710616011758016&a=e46d3392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2082 16 KB
16 KB 21ms
21ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 06:12:31 GMT
x-content-type-options: nosniff
age: 286955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 06:12:31 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2082 16 KB
16 KB 21ms
21ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 592049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 5CE9 0
150 B 35ms
12ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=99822300098877200710612011758012&a=0e4b30df&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=99822300098877200710612011758012&a=a1f48bf5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D104 11 KB
8 KB 35ms
34ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

47f5f1a456a471f3d0846a7403d70a382dc3ffc4721faf37a858a0af76383cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8498
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FE58 12 KB
5 KB 26ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 25 Oct 2021 12:56:35 GMT
expires: Tue, 25 Oct 2022 12:56:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0AF5 783 B
534 B 37ms
36ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

56506bdcaaed2437da77ecd0cb9a0ede74daff7c39165d821d8dabb5c0afecbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2/nV31hPklvsGIdkdiMIxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 25 Oct 2021 13:55:06 GMT
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2/nV31hPklvsGIdkdiMIxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame F359
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC-ivhwEoaaObLglehxm5as&google_cver=1

43 B
549 B

45ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC-ivhwEoaaObLglehxm5as&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNX5spHZuar5iS27GizL578c4FXGrzmfpcE8ay5TtjWhNCjpVhUXNMHYlatJwCZF8o4FHgzp3hM66VmH9LtkofTh3Oh-zK-KJPtErGsNSlWzb4aPtq0m_j8a7c1pWlVFRjZPc9QZqrETMwkt2hZOeATTGUhwvDzy2_mcpZEAg2k4lblm3zY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 116
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC-ivhwEoaaObLglehxm5as&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F359
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjkyMGRiZTYtMzU5Yi0xMWVjLTkzYmItMTYwMjkyMDEwMjA2

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjkyMGRiZTYtMzU5Yi0xMWVjLTkzYmItMTYwMjkyMDEwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNX5spHZuar5iS27GizL578c4FXGrzmfpcE8ay5TtjWhNCjpVhUXNMHYlatJwCZF8o4FHgzp3hM66VmH9LtkofTh3Oh-zK-KJPtErGsNSlWzb4aPtq0m_j8a7c1pWlVFRjZPc9QZqrETMwkt2hZOeATTGUhwvDzy2_mcpZEAg2k4lblm3zY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjkyMGRiZTYtMzU5Yi0xMWVjLTkzYmItMTYwMjkyMDEwMjA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 130
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame F359 0
614 B 71ms
20ms Image
text/plain 87.248.118.22
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D104 17 KB
6 KB 47ms
46ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame ADF5 148 KB
57 KB 9ms
8ms Script
text/javascript 23.218.208.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.133 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e5b69da40b0a2ea196d225b715d78a9b5e87fbbb20ee75902cda02ac2537d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 13:02:38 GMT
Server: nginx
ETag: "\W00000582821634562158776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58282
Expires: Mon, 25 Oct 2021 14:25:06 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/ Frame C784 6 KB
2 KB 21ms
20ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

ac1e6d15b63403700f2748b80b53df9534307d7f02314259554cd32745c4b03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1925
date: Sun, 24 Oct 2021 15:10:46 GMT
expires: Mon, 25 Oct 2021 15:10:46 GMT
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 81860
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ADF5 0
24 B 103ms
103ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvChR88UvNZ5AW-4FxSdfB1_DU-v4fL4GfTE1dHcfrI3GuRa7nId5dV9trCRpvP_g4C4Wr5SKsilKmX-NMGpXi6KKiF1YZYARfvE9lcd4MyoR3qvpN0-L-LaeH6i6Y1-dZBufM8eyWUlxxmxlNGyWKqYyUNx0B3ssKVRh2No89NIbA1VQHsyBkeasEG_kLfWR4c3U_8Ng7gHYqreio3n4JpGEgkYyAaydTioan993wspKaUoByiGBJLvpxlQzoRtZuKL0dnLd4Z_P1ixe4IwyOJDT2fYTzZ3YJy0SuWfsWkKVu2oFBSxEPx_VnwzTjHimWTJBSDGX2KxSFibUZxDto4kBGqmln8wQWX09FUflsjBJkggCId4KIw_HCC0GXKRbnloaM0wDbt44eXjZELvDuKOlhYOjmvDSSGITW6CVR_J3kYULRHZ12z3hyJnDdT8MiOxcIQ58AyCYXkrSBS2W3IR4xL42i9gdt60wgQzfzZS-3arzEt4URJ4h_0-Gvoe1aFFEwqQpmVGFg-pTpKAfjYgzgPSk-uCxGWvm_kAisG7myJUQF_h5fBhgJ8tCARCnQUR6F4bufxzuSC5xmMx75Wj291rjTBPfdMrd_4oBZIj-vvgCZjcItByWfNbNINjzz_bCZPwrWw7Jl4aLWYJlYnYkGua4AXgvo1BNRG_aNJmayKzCmzNvXGr8jmqZmW5fWtWGs7oXw_Im0pwpvYwCCygjztHalKlATskPLzl9e2I2vqU3xml4Yfk5VeKsygRh-h-_rdDOFaizqVpWo-uPxX6Bw8HpAoYIF_9K3HJREw2VWHUb_asdRWQO3K76nVO3RJOOeVO0b4iIm1Ml8nV8ZAFdcNnXsjuK6asVo5q7HJiOdNAYFyiwCsMJBUE1nfpP7h4VQ1-vrfEQY2tBLYvHYQ1KTu9te0Jl7t7s5-duP-WWmqjkVe5SCX8D_XZDrVyVs26ipvd_DxrsdQyhGrPI7u9-gkAN8_b-LXI5jihuBBGj8tpL62vmPwN0JxToxeusjJ3ZCPVYz3_plr_VPatOcFMe3r_Xtmnxp6WOIckMKVU2mCOK7PfCBiJJnygnPINO_4wl1hQBvqxLBc0a9e_npu1GK8H4i2nKLzE4kzinsPlTa9Qsc76MSdNdv_we_DKSfnethfUvy6l5PVFI9o_AWK1LnF-dm5h7ymfr4PrAcA6o9oWnBiu1E8nfFzdA6_y4fDHouHOFCZSeNMXyzQDCmkkbLnYmaM23jN_ylHdv5xKYNd84hisA&sai=AMfl-YSGZsyAWvLPGUZxlm2Is9k-s4c7qK0IjrINgpjGomcRADYQ65rgMlwJ5MScN0a2lQwGgOxlwNgVBMPBzv3nvqxK__MGbQEB65l_ehZmJb4V468tkuSn1CdA8vZa24Mlc8-N3FVt-bInH_4F2UaRQzukGg1i2Q&sig=Cg0ArKJSzJ6Enni0Gz1yEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=279&cbvp=1&cstd=277&cisv=r20211020.58258&adurl=

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 25 Oct 2021 13:55:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DC7C 11 KB
8 KB 36ms
36ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d650d273ab2758ec8e5ca78360baccad44604096bfaa86d65226fe5110f72a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8454
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ADF5 41 KB
15 KB 26ms
26ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1A63 1 KB
749 B 23ms
23ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 25 Oct 2021 08:58:57 GMT
expires: Tue, 26 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 17769
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame ADF5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eea7430274ec6dcd58f552796c948c9106b5536075c27c6d9e8b63251b585b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 160C 12 KB
5 KB 26ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 25 Oct 2021 12:56:35 GMT
expires: Tue, 25 Oct 2022 12:56:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2D7C 783 B
534 B 36ms
36ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

6fa6f6c9e9c487278b124f13fb86c9916640ff2754e418f375bfac9a0dd38d53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QLyBJFGhwmMx7cbEbg/Pkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 25 Oct 2021 13:55:06 GMT
date: Mon, 25 Oct 2021 13:55:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QLyBJFGhwmMx7cbEbg/Pkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DC7C 17 KB
6 KB 54ms
53ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 25 Oct 2021 13:55:07 GMT

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame ADF5 82 B
351 B 11ms
11ms Script
application/javascript 136.243.15.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.15.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h339.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:07 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 25 Oct 2021 13:55:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame ADF5 0
208 B 14ms
13ms Script
application/octet-stream 78.47.15.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.47.15.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h549.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 13:55:07 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b192.s79.research.de.com/bb-mx/ Frame ADF5 43 B
291 B 45ms
12ms Image
image/gif 136.243.12.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b192.s79.research.de.com/bb-mx/submit?/VnIZBSAAA/whFtBo0F0wFz6BvvA0mEzwAxiE5wA22AhmFmlFwkE04A40AymEylEz4A3xA53Aw4AuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF1pyFo0F0wF6vAvkE5uFhtFvuBrpFl2Fu1EhvB+k2FmywAyxAtxAwtAx4AtxAz6AwyAtyAywA0zA0tAyuAxyAztAm4By3AkxBx0AKp6Fsp3Fx2Az1Ax3AwxAw1A41AzBEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF9CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5zAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF1uFruFv3FugBthF4fFluFnpFulFf5BzBELlnFB/k0FtBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA22Aw4AwxAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAx1Ay5A0yA33AmjEpkF9xA14A13Ay3A5xAmzEp6Fl9BzwAw4Ey1AwmAjiF9zA3wAwzA3xA0xAwBEUkzFpBFAAAAAAsE6D6DAPAAAAAAAAAOAAAAGAAAAAAsE6D6DABPOAAAAAAAABuY/AZDAAFAx8Ez8ExBEGAy1A52AzwArkz8APAAAFAAuY/Tkz8ASksFqEbAAAAAAAAAAAAEAAAuY/AAAAAAAIAy2A2wA4wAxxAJAzxA1yA50Ay3A3BEHA15A1yA3zA5BEHAzwAw4Ey1AwBEJAx1A41A3yA35AxBEHA53A14Az2A2BEdAAAAAAsEA6DAFAAAkz8AAAUBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzyA31A20A3xAx5A1vA2tAJXFFtBChF5vFurBtNEylFjtBzwAw4Ey1AwtAChF5vFuvBpuFklF4uBo0FtsFCANSFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFVuF3VA
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h300.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:07 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 25 Oct 2021 13:55:06 GMT

GET
H/1.1 200
OK data
b192.s79.research.de.com/ Frame ADF5 43 B
308 B 44ms
11ms Image
image/gif 136.243.12.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b192.s79.research.de.com/data?/VnIZCSAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFreVNSA
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h300.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:07 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 084E 11 KB
8 KB 34ms
34ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a68bf3df251c0cc831172da22fe841ceec129420895dc190f92fa831120ed68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8583
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5E1 42 B
64 B 89ms
89ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMo39dqgWOH2G7xcNgTlaG7xtlLsSAxXvNOO1vosrlqHad3JdgldWRBdkBNIvp0bgC4QJiIy40HLhBJ2ylnln-MhE6lk-tK6vo0kUn9COP0kRQBBqdIA&sai=AMfl-YSLifaG7c1yoGNfK22Jj55ZlvXLDK125V8-K_rSVoQ3jYRR0UJ8gGiG8AYXM4BmXcHhL0pW_ZGl0YnzP_-n4kmb3T3-6Xsbfg8&sig=Cg0ArKJSzDgWb8_u9ZAoEAE&cid=CAASF-RolrcjUioHQGqIyY_4FPuaKvatSskR&id=lidar2&mcvt=1088&p=0,0,90,728&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2347124645&rs=2&la=0&cr=0&vs=4&r=v&rst=1635170104807&rpt=1130&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0AF5 0
0 76ms
76ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2406490769796905&rc=
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C784 60 KB
24 KB 28ms
28ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 13:55:07 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/js/ Frame C784 2 KB
759 B 21ms
21ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

b9e5d5aae62603ad35dbe94e6d5e4f0b45a25d808b7ff441dd3cbedf7cae7447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 22:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 733
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 22:45:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F2A6 11 KB
8 KB 34ms
33ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d8b54f2c2be94ca69c7a4ec766f86768965b5e0b36e1ae656ae0b4bbdb5556b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8531
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DBBD 22 KB
8 KB 26ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 269859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 084E 17 KB
6 KB 50ms
50ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 25 Oct 2021 13:55:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8375 12 KB
5 KB 27ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 25 Oct 2021 12:56:35 GMT
expires: Tue, 25 Oct 2022 12:56:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9BE0 783 B
535 B 37ms
36ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

20935d45b80d68521d6e31fa1d8764001723f862c0272c225e301bb60de8eb25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sJpt6s9AIy97uM5ceGBLxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 25 Oct 2021 13:55:07 GMT
date: Mon, 25 Oct 2021 13:55:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sJpt6s9AIy97uM5ceGBLxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98F0 42 B
64 B 91ms
91ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXvwFOv6KLLQaqEzc2pfoXmVJNfVLuHwkQlP8AhnmjxVfVnPXs-YHt_SRxX1WemagnwknDQEO7xFfC-bue3or6SX9JBEjpD-0qcAyXdB2lIMKO3n71Kg&sai=AMfl-YSsvR856wnNiaiuPpZEUgVhIV2UbossmnSK0GFijRuRj5ongK4MLnojvS8ylLmAS1q-ujkbh0jeU8eod06fTUBuf1dCtQDl0bI&sig=Cg0ArKJSzEl6AJ7ImMyyEAE&cid=CAASEuRogaYtbT75vQdiJ2di1q8wEQ&id=lidar2&mcvt=1024&p=0,0,90,728&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2347124645&rs=2&la=0&cr=0&vs=4&r=v&rst=1635170104783&rpt=1289&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame FE58 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F2A6 17 KB
6 KB 49ms
48ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 25 Oct 2021 13:55:07 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1A63 35 B
210 B 18ms
17ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGeSQdwfJ7EwDohvvlbpWY4&google_cver=1&google_push=AYg5qPJORB5ABf4DOPaBdU29L2-MId9s-9jHSlLrxL1Fg8fPfU-bN6aGQszbw_fbdf3YIZ1UiT_pDBwKohd1sckENc0MddBmMUIX

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGthPXvJV7KVnxUlP_0TwJw&google_cver=1&google_push=AYg5qPIvrWVQA_nZ1Abd5TNljmj6RSLLitTcmizn8iwuutcWVFvsu7OZVuk1gkM8-Hc-uv0zvIPANBB7V_buSQe1Czm7wVf5-s7t
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=238AEEECD1124EC9985445F5A130C073&google_push=AYg5qPIvrWVQA_nZ1Abd5TNljmj6RSLLitTcmizn8iwuutcWVFvsu7OZVuk1gkM8-Hc-uv0zvIPANBB7V_buSQe...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=238AEEECD1124EC9985445F5A130C073&google_push=AYg5qPIvrWVQA_nZ1Abd5TNljmj6RSLLitTcmizn8iwuutcWVFvsu7OZVuk1gkM8-Hc-uv0zvIPANBB7V_buSQe1Czm7wVf5-s7t

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Oct 2021 13:55:07 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=238AEEECD1124EC9985445F5A130C073&google_push=AYg5qPIvrWVQA_nZ1Abd5TNljmj6RSLLitTcmizn8iwuutcWVFvsu7OZVuk1gkM8-Hc-uv0zvIPANBB7V_buSQe1Czm7wVf5-s7t
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Oct 2021 13:55:07 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1A63 70 B
264 B 32ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMnja0IfCW0lCGx2cD034u0&google_cver=1&google_push=AYg5qPLPZLagYuYxAZfAzhaI3REl4bAsmvRyMOIwLXniogkaAVRVFaXxoQ6OvscTnSOi-ubWftgzij5DxffyUV5MZD5gBIXHOTFT
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAAUuvHJA_Tae6SUZ2Tsp60&google_cver=1&google_push=AYg5qPLsPbG_-OVqjkqPSli8FiksCWA1JuFcT0Oy_2OYwC3iRdMhSQAhKvYFGo8H_h66sphJFYM-yls...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:06 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=FgntitMqQKChB6RjfuiQo2F2tzo
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGgV6HMvZdINwn0ufaWXHvg&google_cver=1&google_push=AYg5qPJrDCq5eh0L_Q0vz7hX-VUk7KzrsWPBNojSKlDc-qQkS3vBon-gAkoT9LqhFtE7vtoMqrTyC5Q3ffQ2yD...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJrDCq5eh0L_Q0vz7hX-VUk7KzrsWPBNojSKlDc-qQkS3vBon-gAkoT9LqhFtE7vtoMqrTyC5Q3ffQ2yD7x1wshDLvSUVxO&google_hm=hmF2tznqSPXeMAXDh...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJrDCq5eh0L_Q0vz7hX-VUk7KzrsWPBNojSKlDc-qQkS3vBon-gAkoT9LqhFtE7vtoMqrTyC5Q3ffQ2yD7x1wshDLvSUVxO&google_hm=hmF2tznqSPXeMAXDhQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6176B739EA48F5DE3005C385BLIS

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJrDCq5eh0L_Q0vz7hX-VUk7KzrsWPBNojSKlDc-qQkS3vBon-gAkoT9LqhFtE7vtoMqrTyC5Q3ffQ2yD7x1wshDLvSUVxO&google_hm=hmF2tznqSPXeMAXDhQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6176B739EA48F5DE3005C385BLIS
date: Mon, 25 Oct 2021 13:55:07 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBTgPXc5iZBMZWgAmyXYRUI&google_cver=1&google_push=AYg5qPK65w3STTMy45Zj7GbGqE3TZiCWBUbFRvp48SCVddylTgGcpIZOd3yNPJrZulIbJxcZfzH7eBNkgXtexR...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPK65w3STTMy45Zj7GbGqE3TZiCWBUbFRvp48SCVddylTgGcpIZOd3yNPJrZulIbJxcZfzH7eBNkgXtexROFcM...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPK65w3STTMy45Zj7GbGqE3TZiCWBUbFRvp48SCVddylTgGcpIZOd3yNPJrZulIbJxcZfzH7eBNkgXtexROFcMMZJej6WnYW

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzAwMjEyODY4MTY2MjYxNA%3D%3D&google_push=AYg5qPK65w3STTMy45Zj7GbGqE3TZiCWBUbFRvp48SCVddylTgGcpIZOd3yNPJrZulIbJxcZfzH7eBNkgXtexROFcMMZJej6WnYW
Date: Mon, 25 Oct 2021 13:55:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI0Z3tk0fGPEaD4FeXi8nfE&google_cver=1&google_push=AYg5qPI2QEc9hVnTiUNqxfZXDIgo4ChYfdf2i0yxtkGM2gorMYyhUL7728TByP_X-S-MyRQ9MOzw_30u0PtzVB44...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPI2QEc9hVnTiUNqxfZXDIgo4ChYfdf2i0yxtkGM2gorMYyhUL7728TByP_X-S-MyRQ9MOzw_30u0PtzVB44bYJqhU16vNib

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPI2QEc9hVnTiUNqxfZXDIgo4ChYfdf2i0yxtkGM2gorMYyhUL7728TByP_X-S-MyRQ9MOzw_30u0PtzVB44bYJqhU16vNib

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Oct 2021 13:55:07 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-ZseCBAaTmqNxLEIgTyo7Q2&google_push=AYg5qPI2QEc9hVnTiUNqxfZXDIgo4ChYfdf2i0yxtkGM2gorMYyhUL7728TByP_X-S-MyRQ9MOzw_30u0PtzVB44bYJqhU16vNib
x-host: tde-deliveryengine-production-7f8fcb5db4-fz9pv
alt-svc: clear
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1A63 0
12 B 35ms
34ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcbAiE9m_OI69lGvOL7nVAOt_4PXz9m5Z58-bVI_L3tgjmIeC33N8JMu_8RdYpVAz_Lv0A

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ADF5 0
23 B 59ms
58ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 txt1@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 8 KB
8 KB 22ms
21ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt1@2x.png

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d63b5fc0e557e90265b6bbeb1df0ff666385c40169707201a04a256bfdecfcc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 03:12:42 GMT
x-content-type-options: nosniff
age: 38545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8451
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 03:12:42 GMT

GET
H3 200 logo.svg
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 2 KB
1 KB 21ms
20ms Image
image/svg+xml 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/logo.svg

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:52:51 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 38 KB
38 KB 21ms
21ms Image
image/jpeg 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/bg1@2x.jpg

Requested by

Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

af8fafb5f486021de43b1191f32384766ab582ce9a7c99c1cd858ee4eb2b3929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 07:07:08 GMT
x-content-type-options: nosniff
age: 24479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38526
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 07:07:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2D7C 0
0 76ms
75ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2129748362678624&rc=
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8014 0
20 B 60ms
59ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOunAObd2Yd2dDLyK7_UPv-2TuAUAAAAAOAHgBAI&bg=!enmleT3NAAbUs_yW1LM7ACkAdvg8Wtn9mMKBd1kg_yW7GPHx-XztGFdRJQaI4iPqi5nFcIXq9kpLeAIAAAMFUgAAAFFoAQeZAwm8A21jdkxPMB9Js3Eo4G-sbsodefNZBcGo7_Lt-G3XfYrLzQfse4ax_jLFt37k9FhDdLtoshxO6c9kvvj8rRw0BO4ar_w3suWMlizysOrI7B7E_jjguZtI4PjYGp_qpRTKi3AItBB3TNCcTAoE9OZBV4U7cFOcNLrXqh5XV1KWi_MvVXQs6sqdTTltg-Dq7ij9zQdh0v5_CoIGV3qfhuOFAm0irwHlitXDUznYwKr56ed5Ld_u9ejQY-dzcT_EMFFE90b_-ylmrops_NOiZARjvBKYrZuNiBql2YxyXSjJtG4QarwuvBPi2LvAz09v2TP2yqI08D3ghYstLNRPMweOBNnuaqoPnRcAaWbLbX4ipZSGaL_6-sRqW2Gr6jvTUxuikNM4VTpOt_UOIR8U-wvSlbzDfHIwt_XoElA2zbXei4QDTX0mjtMLCqEzcTyA1Wj6-BszOmog1AQLmlI0pkH0K4UXcQeHrOP8f_nrpPDcMTMMat0T5zeYK7REXMmQTu5EJHuNZs1GNCfknRy4JxyzrNqavOIt2CD26JSaivnFFqKcIW10VpQUU3JbBX_hpewB879WEieEVu0AsoMmUg-0adjx1CzyHHTItkh_b0eXWKqYfMIpD4p12kL46wErM4dDreEsHYXOH2KvFHopkGBk6Sc78sfxnI_mMsQUumqzKgyWFfLe1tDqE1v2u2ysxGS7BQ2otE7rgygm563rDqtRxJJtRWdFHV2SmFCBuY03KfnP7GNlTOLPULJWNci_ePDkrBszTn0RKHGQIfA0yx884XxKWmWB8KEtIlbLeAmDUdIyBLu0MEZDb13M53wVcciqX5NoxI004JIfgd32XzD2MBrwpkBzurWHyCOkobhpmP-Q5qcp2oBqEdjfXGCEAGVKcWoy_WlUwgX7Bpqud6v-MmMiJUtsH1mMTajqzmKFZHUGbqwRfpX8kePh-J5_OL_voDZ-ks9rZlWOf-V9Tf2Pdq5LOOBaveqh5pXANtkuFhRWdntg59F26PDxYT9CGWerT9zzi484V-g

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A72A 0
20 B 61ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBrvpObd2Yb_ADJHngAf9lYGYBAAAAAA4AeAEAg&bg=!9vWl9bHNAAbUs_yW1LM7ACkAdvg8WoOEAR9FEQl4DAhvzqepn5LXPJjD_Xxh2roAtpN-uyH4ipbFMQIAAALxUgAAAE9oAQcKAEKenEjAA_TDpKIHEpqsXh4tJWd8B_B0ALts94WLVPPgZ7yYT4l9Y0QTgm91c4foMjuRsWZLc6mNTqfPl5bPTnXG0QaZAzAu_qi1i13jVIhMC2rJNmPws5szM6beTqlXJwXoaiFu09TuBMo-W56IoU6M70hnO4AsgRjS4aJWczqq8-pC4txA8Z9-wg92VDWO-2RDOa6GmfSd3hY8kFYXyyybkdNKVUjg1lTriGLI0BzYNqmkld-be1gPL7x1s4exWidCzijrx-bMVlvVMgtQKU7uXB56k_YLjwcMEiTQVOxjfOqdkpjDMhhdMSxJlz7f7iFMp9CrHg9CFhsy-UzykDDt4mdkvDmr5BjcXKuh0IXL9PiJZStcjI0hTH9DUmle8drVanDiP5J9IhH9sKl1r2JsmsbEflpvK11tgovYtq9kfadK2Lwkeg7eSbWkJ9BXF0xLjusWXAy7T4HFVo4_XNQw94j_3e9KdJqSm0TmLm0V1kOEo0xF_hQOKXPmBsqiztKeFbLi98fa-I8A_Njv3aYWvg2-Iy0wQ3OL9HbhYkyKtKdXWRYh6QbLs5kQguqz51U9ltkbceB2qz3DNsqlX25-9NRcmQ0Y5bqSpoOgZBP4MXJwX5Fu1bcFSvSoTCVL_gyAP5TufHYNl2IAq2WVAAZ2aZN7QekdPvTlVNbv8y9NvxT-Cbh91xdDyF8gUBV6NDD3Pa1wwaAyiRB9FqLpSjnTCRKk65qaMTeQEKH3q0gEeAWc8kKABw8iJ7qlqGgm6lXiCu3nOLULb7_JmMwnY8jCAFFfVrV3ntYNoM_3VFvs6PqNsgHoKCIcCgvEcncPmbk5UX7j6-J6etpG55PJ9IhXaN5EoTrD1fan9yJdEDVweVO_25TvigTR4PPD3qci7gHK76LVJxXU3RrGuPxycJmIjR1OXPqtsPJLXyIvhi_Uk3RCTvu4BTc8265wiNCkp553gP8Hk06ITwnCp6RaQuOsyHvIQEXhaCTZO_AvdmCBxCyy4vml4rnycIxuJwZv6-VAmuZA9UbdqGlvc4qPd7tZEt_ZgYq7DVkOLzEqlQNZYaLFJ-Stxi4gnHNiTrBz3-31AUsWkfY1HHipcKFmAEZvhI93jIcKxTIugPlZbE4REQGHS6b-O0xdn3IZE8HKhdJFU3qTHG8NzIXQ5rLbCorzkb5tTK0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F712 0
20 B 59ms
58ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVGyvObd2YeKzDIuQ7_UPspaL0AIAAAAAOAHgBAI&bg=!NTalNnLNAAbUs_yW1LM7ACkAdvg8WrvQwmkDhYBI96vBIRjfBQPsgq4RzK9wGWvceXh8rzc9lyuezwIAAALlUgAAAExoAQcKAFWoo7mjSPILkOZNlecxjAwIHx8VOCin1RXNCyL1xmjOtqNPpVaxWil1BVpA759pxCgj9gLCuFWeMYbJIwUSEiCEsMHIwlVXXMGIeq9l-z7LdkN2SJ-dmQMEnDOvjeIk9Tq0DN_VAjttPwUZZCKMsbHZC2lxzBQVe_VskjKqXwtw0lKUWxoSL2e93Dsdmu-qk7JLvsg3LLHUhKrUx4k-5QPF9SX5uSItP4oslxUJ2mulCB0eMU2ZMbyO7vszFiR6wDjynecNweRc_l94M_mtZC4WTX3XFRvXrZi0B9K4JhVw4I8RYckEge8N3wHsJ-NyDQbOm_w159_pGCbHzw9PUVBSHnzKQl_HedXSUR5MLZvS_rRX45HNuFSA20NalAcLnfbbsvC36GYXami38Rb9Hwxty1FUBcgJqlrr0bWixYq7rs_fHhvQDi_hL7m7a-qLCsgycmpVM4uQjrl-vU4fVoNNelRbS8b3qfN1-5nFkTYoPp2UqtBUKnPQ7fPgEI2yVEyE3B5FRZRvVsNEhKL7e6sU26SNfXHo8jk-2nQqYkCQvi2LygbuFvicEsCEKfW2ppPbvDtTP4l5rLBy_V4lqWCjfqiaaNyowpn5gLcsj4nTlp7igrjVM2L6hZIbScVcbFj4bMb_BjAlrTO4vsVfqeMtXi2la2idkYxKLjzLRSoejpixTMpKeXob4PrjbhZ2mPRKLykSVofIKm7k2I5tF9xERbE5rWAjTpEvLZ4GINlhZhZSKPO9MnqIHIqSk8CadBrW7gVaTotvRlok_mTsalw2PmEyxYcVyc8mOROU77NPV05sij6J4UXk6HT9ZImjwzeVcMCvGjX-Jps1NVqxii8Il5JD8C8WIsiVn2yIEcDqd3H9rQTTQVqCnPCFZHEN3cGSYow8UpMg11MaVK-O5YUS57lPku2w0fpw4bEDMdHb4XSQl1M8nJvbODasF_Z3Br7Tt0acXKdbwytW2qZmLHZJPMxFQxuS9vRinl44RvCdTw85fyC3cmjSb9mNoKsd8ZNqqJEdfIv7Xrn0O-iKYC9HBGi4izaMzqlmW3LE1y8N2QCxNOKfp9nvIw8R9DaGkOybCAvxtDe5zk3e1OQg87u8EjXNq7R6GYSuBgEVFzYH4jVB0AdUUVo9Of17bA

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b192.s79.research.de.com/ Frame ADF5 43 B
308 B 11ms
10ms Image
image/gif 136.243.12.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b192.s79.research.de.com/data?/VnIZDJOAA0rvFo0F0wF6vAvkE5uFhtFvuBrpFl2Fu1EhBFLruFBLkqFFlqwFyyAw0Az0AL2vFBlqwFyyAw0Az0ALkmFBTkzFkQYBAAAAAAAYAAAApBAQAAAAAAAAAXAAAApBARksFAQtjF/mEQSA
Requested by: Host: 4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
URL: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h300.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:07 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:06 GMT

GET
H3 200 style.css
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/ Frame 6D04 1 KB
427 B 21ms
21ms Stylesheet
text/css 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

8b64921997bfcfd4e9b15810b9107a3686e5daca86e15624744940090231d0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:22:41 GMT

GET
H/1.1 200
OK data
b190.s79.research.de.com/ Frame 98F0 43 B
308 B 12ms
11ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/data?/lJAMFPiAALl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az1Ax3AwxAw0A34Az6Ey5E0yEhtFqkF2BETkzFPPDFAAZAwSAcAAAARksFAQtjF5xaPSA
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A9CD 12 KB
5 KB 27ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 25 Oct 2021 12:56:35 GMT
expires: Tue, 25 Oct 2022 12:56:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B09B 783 B
536 B 37ms
36ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

5537b75546c9d3830b26fc1dc70f59fae1c013144a0d43affe6014846aea2b5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oD4Zz7NVzagFk83ZnCOCvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 25 Oct 2021 13:55:08 GMT
date: Mon, 25 Oct 2021 13:55:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-oD4Zz7NVzagFk83ZnCOCvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 204 csi
csi.gstatic.com/ Frame 1E2E 0
54 B 691ms
389ms Ping
image/gif 142.250.182.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~kv6q28k6&c=925233718677&slotId=462616859338.5&qqid=CKqRi6rb5fMCFRzyuwgdCfcD_w&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7c61941065aa73d25f345fbf993b039.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.182.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa05s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADF5 42 B
64 B 94ms
94ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj176yda5X3_jAo2DYLuviiSuBnD07GkpCCXwjE6kIAwUw7-fzYOk_vFuDsi2uO13e3dWOMls49nugtU6GsyiRa55gAloy8Aisz3crBhzeA8dvVMvmaw&sai=AMfl-YTBOLglJklCfx1AGVXWzT5lCivO7veVh6oZVjXweaZUBZkTzjP1O2zO6WeNHCNR8lhpG-5cirdmKj39ENGp8KQP9-lTcx05b-o1YNhZbYxj7R84qwiPnp86alTb&sig=Cg0ArKJSzAoL77nmkvhOEAE&cid=CAASEuRo-nIt7Gn1fiNvtrrBOCt4kw&id=lidar2&mcvt=1348&p=289,1015,539,1315&mtos=1348,1348,1348,1348,1348&tos=1348,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1930077042&rs=4&la=0&cr=0&vs=4&r=v&rst=1635170105853&rpt=1110&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 166D 0
20 B 59ms
58ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdEIkObd2YeijDICLjuwP7bud-AUAAAAAOAHgBAI&bg=!mZqlmt7NAAbUs_yW1LM7ACkAdvg8WpI5cL_4jUDYZ-6cFUCVLNRvypd0iwScVrpIrKChrYD45lNnnQIAAAK_UgAAA89oAQeZAudI3hZlA83cPpxExfiRsjI_3M_KDWYI1xq7yjTfHBccUkewDRFyf3Z62Or9YtPSbKKVVxnr9SWqCCVlwj8vLGrchxmNpppLgQWXwimJ0G3kt9hS9rziDznn4d-hxqmESRcJY4LayT8LwkMGwfdHqpX8hQR9lhOxzd7r1wU5gdBmscB4YRa3CtjOMxqf_p1nfvyQ_MszVgl6wlyKDBQlti9PfhJSnmcy6m_HCFXCu24QxVz8ibP4E0vduo1Rj7WNiCAnRzT89N-tMg-G9yFg-MQbTzskdTA-zfmD2A2qeC6OUhk-6RByPbkLmF0GJQKkDgNWglzdXiLHw0k6FrKkP7gerHuL7U9AyhIBOMWjNmpkhkroK0vpfZw4Yrv6upxE-oiOwo24lnhQtzeI3eDPE07I9aRdv-iLSYTEtineoMiG6UuW_WYjzk5KZGug6fJs3BSldSz32ehhfRwrTMyzB_7waD72PbcYPJLql90zhyU5ytwo122ncdGHfQUDsyAygrhepO3k3QcZDmfVH9W5j6frc2ZWsDBXqSPyRtPo435HlhonLY56psNheyHo2fvUzTAiyUmHggSPQMdxnCg0td_z-qMQl7D_79P4FMRky0gJ4WVWZlbmDB0EW1OMz7cSFpYvZOICSKcXn5g1bjeNnlHoJa7WdccCgKzlpLeX2AOqYAI2WS_Z_rfx_fLWj7wp2C3WI6hUksHgi7jfjgOWlFd8HdOcIUvolpu2LF6idwhsSf1MlO27pgHXOPuNBUXnBmgL1I_n5Sh_34VGUIUtn_gW5zwhfu9JiB7_91ahHIU3CWI5Fa5-jYhbBD4q_paJi3klwV71lHKk7QwfLGpsCw4YqhyRXZDlNSWnia4jviaQn3zFUFQvcxxJNcm5PSN56dylizGGvt1trE8zeUQ5P2uSjD_BP5gQWtX4nphEehlQ-lQjwDlzDEgbvxgqCPadviCDjhUJ8ySL7J27bjb88b2vi6y4GWffTw

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/ Frame C784 1 KB
432 B 21ms
21ms Stylesheet
text/css 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d45d9f1dcb2353314dd631427acf5dd50dc3f882b756b241f6ef020d7dab56c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 01:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 402
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 01:11:08 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 36B3 16 B
232 B 125ms
123ms Fetch
application/json 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-236-168.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 105ms
28ms Preflight 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 txt2@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 1 KB
1 KB 21ms
20ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

c4e28f457f2dcddef9f1bf5b8aca5edc7ac8c0096d5dd54e5c73fc29e88dfea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 04:54:13 GMT
x-content-type-options: nosniff
age: 32455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1228
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 04:54:13 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 1 KB
1 KB 22ms
21ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

e6c7a911b2262af474cb07fc64861a1fca560c349f579267602793a29def7e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:54:21 GMT
x-content-type-options: nosniff
age: 7247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1073
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:54:21 GMT

GET
H3 200 txt4@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 1 KB
1 KB 23ms
22ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

ba85ff98bcc93beb0bb5c716df720cf3317f7e98c1a16e86e2ff4bcdd0ff4943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 18:15:18 GMT
x-content-type-options: nosniff
age: 70790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1084
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 18:15:18 GMT

GET
H3 200 cta@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 705 B
737 B 22ms
22ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/cta@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

0401d2177016be36142e4ffb48989c6e1c899bf115b17dcfd919e1e8897f4122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 05:28:02 GMT
x-content-type-options: nosniff
age: 30426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 705
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 05:28:02 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 6D04 2 KB
1 KB 23ms
22ms Image
image/svg+xml 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 02:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 02:58:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 407A 12 KB
5 KB 26ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 25 Oct 2021 12:56:35 GMT
expires: Tue, 25 Oct 2022 12:56:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 10EC 783 B
535 B 37ms
36ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

2c1aaa4801c286d58f821dbe89a3a3201b7ce0b2a22839432fc5eacb0ac3ed6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HSiM4csu9NNJweEUVpPvBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 25 Oct 2021 13:55:08 GMT
date: Mon, 25 Oct 2021 13:55:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-HSiM4csu9NNJweEUVpPvBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F840 16 B
232 B 100ms
99ms Fetch
application/json 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-236-168.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 61ms
29ms Preflight 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AC46 16 B
232 B 93ms
91ms Fetch
application/json 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-236-168.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 32ms
29ms Preflight 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 160C 35 KB
13 KB 25ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9D32 16 B
232 B 83ms
83ms Fetch
application/json 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-236-168.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 txt2@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 2 KB
2 KB 24ms
23ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

3c2f31654038399844c405203e45c34565dd61ca97cd1dd50c37bd2f3eab5d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 18:13:36 GMT
x-content-type-options: nosniff
age: 70892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1650
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 18:13:36 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 1 KB
1 KB 23ms
22ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

70cf48dc39c396349c941d08399bdcebf1e39cb841be254c75f63ec5d9cf4adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:52:51 GMT
x-content-type-options: nosniff
age: 7337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1472
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:52:51 GMT

GET
H3 200 txt4@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 1 KB
1 KB 25ms
24ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

2b1e4794d254fb547692405af2cd4be50d55d8e8d7afeb053d4fd235d5c773c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:52:51 GMT
x-content-type-options: nosniff
age: 7337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1422
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:52:51 GMT

GET
H3 200 cta@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 677 B
708 B 24ms
23ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/cta@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

8486d47c77f653fcb4f2e4c3469fe110dce22a5d82477b56a8fca9ecdf2a368c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 00:57:47 GMT
x-content-type-options: nosniff
age: 46641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 677
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 00:57:47 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame C784 2 KB
1 KB 24ms
24ms Image
image/svg+xml 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 11:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 11:29:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3749 0
20 B 59ms
58ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeMfVObd2YdmWEZfb3gPn-ImwCgAAAAA4AeAEAg&bg=!cHOlczfNAAbUs_yW1LM7ACkAdvg8WurecLcJeTqXA91BUlsPs04WZL829rCeotEc_Pji6t0vNNenyAIAAAIkUgAAASNoAQeZAwQdEwPQv7fw-y6dZGfXNFnrehX3eeVWxSUAqjPG7teITD7UEBWtaWGP-jo6g16uusmidM9U7L5TKbysencK08rmQfs1xYHuTlGfnFWWNG6-IhNv9BrTNj86fNJE5pmqY_bwjsMHg_vq79ZP-PLddpIXx8nMkxVzwL33FE22v_QHEOQZlSAXL223JQmxKMWYl16IyJs3LQ0NbrYfoctVLvVNn6rpUpPYb0pRfCD_LcXS50YtyVdLsVXXxLCuCUEHInlOchdTooPrH-JOBnGbGOwKsN-wm1-35_PLVLDVNv4LZPMJwqgn5ToqnB2wuqL5BFkPH8ZPbQOwdvp7VRxaR8KzVmnCOe-P1r3ziuQi1gdueXH9_InNCknpDJwe0Cr4dAR7TlyBcHkRijplW66PazHHI1OUHFd0eWrfNx1iBW4oGgxvOjF5C-jRJybzqDBeITKz5QoCA4PO0HVFJlHPq6JtFWsSbSVsZeDuHIIqDI45n15QOBg6-iHUzEj2qmIWXWqZiLG93ZyBhJw6ZbBCAFTFaw5SdkZCpcphVaCjkj6v7755QRCzyd2ehU0FSs4VluCySvSQSSqDwE6_iPMI8zgvY7gedDbj6tzaQ09917z0heMoP6UVyB8uYsL3CE8zlIRxn4N2TO87tkLlEvrG7l6Stv44XIPj-00ATJpQKm98yiVN81nJNFIOF0Fh-m9msR0d_uKhrG5VJM43Rtz4ufzQKSZYAsfW4FdQT75fihdX_9-_tjRHVenvmZegm4Xst1gOVswviVh_zU1IfK8eJDBpaCka6CP0K-7iJXF7gSHj2zBRCZX87OmKi_YMOy8dWi4GfF6wmkkkQOHERNbMYFOpSpWTbg4elwAb2lTjfDb5bEvLzl5qgKJ5TdVeex4PCkjoJZ50ckJ6Dg_Vz5v7nt8xpFg7cMBBJ4iExrowf7SnD9OcbnHNbyhuRI-PumhtEtp-MaaBz59R9naEZLlBs_tZ9gc2LgXLXIvghWSfS371NrBglIJYREIwpngjX3ut3vQn26cb

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9BE0 0
0 80ms
80ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=4298614532813414&rc=
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame DBBD 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8375 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H/1.1 200
OK data
b192.s79.research.de.com/ Frame ADF5 43 B
308 B 11ms
11ms Image
image/gif 136.243.12.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b192.s79.research.de.com/data?/VnIZE6XAALl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az1Ax3AwxAw1A41Az1Es3F25A3xB14A6BFTkzFPPKTAAZAwSAcAAAARksFAQtjFLsVPSA
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h300.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B09B 0
0 118ms
117ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=3839966302367793&rc=
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
35ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

242e9ed37ce7d3fd4c08592684a34d883852c3f5bc5ecb8b8047711d46efb113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Oct 2021 13:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8528
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 10EC 0
0 75ms
75ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2178010999477247&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame A9CD 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 25 Oct 2021 13:55:08 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 407A 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1ED1 12 KB
5 KB 27ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 25 Oct 2021 12:56:35 GMT
expires: Tue, 25 Oct 2022 12:56:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3BEE 783 B
534 B 36ms
36ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

02ddb2c64efd288d05206f76d4d196049a12dc1df08aa1b9545c22603859ff73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ClD/HjDYHTmIdf5HtpKrCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 25 Oct 2021 13:55:08 GMT
date: Mon, 25 Oct 2021 13:55:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ClD/HjDYHTmIdf5HtpKrCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6795 0
20 B 58ms
58ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=2406490769796905&bg=!5uWl5aHNAAbUs_yW1LM7ACkAdvg8WqXtYiZZmnbfOZTVcKb22Q_1jQwkD-olvbonVVf4CTOo0SCvEgIAAAHRUgAAAF5oAQcKAK7BL5isZPJ3CrbFXSb5SMhTet9IPFz1GZmZLF5i9ExKxXVpM61l-ji91WfykzR2TYQmDEb5gki6HThqCA4aE1VYH6xQwsIsy9MCy1sT1UJLwVcC6l6Qwgnn8r6y91vuY2JakRAh09YsqqyNiBaQxqRMTl9gcJ8MCX1D8vBY0kFJZTC5iH0XAYJe-1wRS61UEVQo1814o4rjedKPtFCGP6y_IjbQwJ6317CdUo4CtKeZArlwuPNY7aLWWuE8aBneh-byP849HF1Av9bf10e8lr_B8bYuBE9DsrW44EZOIa9esnM6JJrzFzZ5Vy0IpZLDtgbittafnZWGGBEpKQfJpIqCkcoM7dEBR_TEGyukblh78xsio5AKBX1UzCCuQjIvm_gdh-pDqGZUbSSkgy0N48o7tYcSVlhXNKUyGAzWYSjw0ygj7wKFGkM01DIh_V4_tYBbTMBGibE1qpryUygJxt5hRCr0Q6p1R5dZ0my4P2By7X0eWjebV4lCw77F-WmBd-O_HjOnpy4sev-AU66ZxOp6F20OAm6zuFeQxx9ep5FPe0lq6Tra5Ac0SsqteQdmrH0A5zVDL_4qG5yCrMmG6cpjreCSFbX3sX7UHsQShGY3kZ4MvjK2zivsbqqiwr-MbEilJvLsXjrCTfeXQ24oX6A_BUuOHaNMxr1EMLCxpmtBytjHS5YdMWXEIZUx-kUwTYYDrFxdVP6AxhXMuXMviYa2V6Ll0_qiWolEcWoh2AlOMZIiVX8k9Ei_tDqXLBHFa8ym1bhohAFdar-BLavTlppMrEzmTCOimtRueqtBmb_oulMCFMPhm5KFPtxTpsq_MA51-HtH_yeX6WVwgyNUytcC8Ij5iO2jSbXhLahJPxwbIJXulykAb2pH_idSv8xTUhUYDec8S8kUomNWpshO--Z3xZAQnlMQCsvykhp_-Iom1AVvcFt84z7JAmiy8MZM2ajB2AnkqG-v4B1Bn0j_mI58LcS-qKPXrJ6NFhiSLBykh8daQkagQrXXYFFTcB8d704sNlZILTx6xmKT-SijDPdwODAQ1gDWA7_VxrJJHbsNn9eUnafbq7mR6NdCNZhm3QmcYgPR2kVKIIg5hb8eJRNIqUxSOfIubKx1CRGHmtpiKNj_udAPspvu3qeecFQRWdbfyXF1q5v4ifJW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3BEE 0
0 76ms
76ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2929074480032121&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1ED1 35 KB
13 KB 31ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 12:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 25 Oct 2022 12:42:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D104 0
20 B 67ms
61ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=2129748362678624&bg=!qqmlqe3NAAbUs_yW1LM7ACkAdvg8WhCGTYElEGRcSNdOY7NlnNSV_6OOQrUO-xHKDjyd1H_tWG6bDQIAAAFsUgAAAD1oAQeZAsRs-o8PBus5lmbiUH4ZyXexNX6eR5mlKlbjNHkafQIzJWIgGkWXGkfjys5fcgd7JT3bQthEhePBZDh4z5U1opZGn9mcYysr2kGTkk0YUbdgWKRS4qcbOoz9svg1OenvI29zNI2rn1m5ey6RtcvFpKQa_8BvAV6IgKb9H-lEKxA-labvyq0d9b0Pv3fCqPXTfQQGEeLWY89qZWqkwAXudOkVB0VJmH5hcyqlXvVaV9UdoxrWg1hFJn6Fm19H7Hq4ljQjCZue31Cc4P2m-K2GXWBSSMoiImUVpO8i6VMlXysWK0Dtzp8Xu0lc5x5mu1WO666TfK8MeIQ7zUZVspWjS3D9UPVqSt4ukTW35zGLU3Yn1JPz2thXBI22W2z4XJJWlAHG1dXWDnilLZN9TmhC3UAiBbk1E2rDCy1IVMwJU-rIfhYUB_E_IgTxQj21eVc7X0yCWPnliMJp2czognAInljKaBfvsxOLDoWatBrmG5Wk4d86evVqE1mIFX5IAdhygcr6BDyFz5l8hWAy9lizfwc3FZBC0a9IqXho-0r1DXs8C3WRf0lvjOhTc3Qyc7rBp6SB6wOvAXqibXqhUiYYQoV16yjsuBSMdo8SyMsNGdMHE2jRK6-wEADqJzGaXmyTVueHM0XhOSPd7p2O7Wdz5YWi-he5JKVMfLut29j2N8LKew8Fa9TYdH1wSyNt4M6RWolUex7HaHpoyEOHAfMTHvpf213xlyn2tjZlHcycagxjke-MAKVk-pIoHQsEH8teSExTGfS8kA3TpGTby_JIb_4IOVOvporduBC6KfgUW7ZvNdlcCZweYxikRyCPCASoC3oqSWMLURG3w3uYvVFqA_j4jLCvqUvm2JHOEmfbaGoOtJ43Gnhjiz6ReRFCw1mRP7x8iAgER2TL7lnEuxIc1s-eUPiBKYr8mzIw4SzygHiJDtCIh0Y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBBD 0
20 B 58ms
58ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bh7zLOrd2Yf77E4mk3wOku7voAQAAAAA4AeAEAg&bg=!OjmlOX3NAAbUs_yW1LM7ACkAdvg8WiKbEX6bmDBY85GOgjaOUGUQcDBU_06JwyKglVp38JceGRFuLgIAAAF3UgAAAC5oAQeZAu3VrBoDPEiU-BUJjhEeFr5HAFQPdnjwt02AjNtKJbg7wP803k7ZDdh-3I9HQZezj5JVHPRA5ITVA1NkSgF2IOojpHgBaWP_T7tnfp9AFKvkiTQtulowLlpZCSstzpl16vchg29Fh-sRELn1QKZj1Y04pR_bg93nwP0bHIL8dIeEpgGrREuDrw5WHauugXtuEmRSZp8rs4CXYRfUDTc38lTGliNZXletEpw0hN36FBzVhzkQTeAwNDck629E4HYpg8njyJYTUqhl1l7kR5izrrsXk380-GHbN4hzd_ppepkYV4HIZaG0pKAL7YTY1eqA2r4I8YXpPlGytB33ZoZCI97uCU5NtXyxNsRy2gO-LNgzKduPXOB1gLIKk0_dltqsEzAEWjWAsCBLvFzeG2laDCB05muO5C_06te-Q4RqoUrwdRZehsGvBVUcmENXQcctnQmDytuXpyUj56B1jrJy9of-I-uy02mzzGaYJw1cMGGZXtyvirjf3oQJIXvDw5eBZeJARK3zO-esLA_nkC1YziE0EJqKCkqZd47GgPA7Vpt5-Axs7VH3tqIklCjiLyb5MspxUQS_tt6DPt05305HdcoAtSoZ5-DBB4E6pVhK-8CTkxRkIgquQXR1VVKJIMyoq5cO-XiDtwAMOg0lmvBRmbhAUtcAsX9egH1CXjGDHRig64hNlX3B_tIz4elKSBHppdugsjGIZb9SUjNYnSvVo0aeVctpafST_v5MY7VtnYqrdVzL-u1_cTAsyV0X0pIHjeA-msBsbYn0LdKXekguZ2z2qs5M6Lu9oTxlGTc2yI8Mfu6fgDoGsgRkIsyV_Bus5ADCdCJnRYcnVinECi4B_FPS4mRs0CNlJOHbmPJ2VOuT78ccR6OlgNdQOaA8iwzF7WCRYJqQ_M18ctUtcGXi8kyc6AqS4Y1hKvbphPdbhYZEnwFYWhHA9dMKNMe5K43O_ihb_k0rjDxzJbU6e20pTynquSGTK1uv2CvQc6dxSg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC7C 0
20 B 59ms
58ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=4298614532813414&bg=!a2ilaCzNAAbUs_yW1LM7ACkAdvg8WqXCngL5Go9OSzfdpaSqAtD3K2YD62zXPvUv53PdEINxXOB2IwIAAAFVUgAAADloAQeZAt3yG1DU5K2WBfoLNygzWgkjSFdcXtN3j0DsWrboTCQj02p-xIz-imNzCddhekNPmJsBHbfyiY_QuGKP_q3PhkZ3VLGnSlZhbAAYYTPp3Fp5_KmG4J2vWLDmkKToi7JzPa1UCAbibs8CS4DGryoTILUxn7XjSLjyx0Fc0o7-dfJLQo_g3AkYT3IvQa-96PiHj2cHVN-KM7D0rdsiTSmYVww5aZQOb1zwKg1yTLxzKp6wpqY-fPcpO-na72gsm_oGHFqstXH0oPwYetZseTtOigHwhN_RFljfZRBGgwhxsmE99oPx9doWgrsk4XKEzOYggatPyLNpMx_78VixakVC9NJzWyzBfIV8B37qU_S7CqrJLQuck2hm2opXBiWuTvxV5XcOxNX-QLMhabJA4ADFx97lhiJPDc83uNcU0DR1b0PzRT8WEdCQ5um-YC683X4Y2U_GnxEhGzeiE3gSH6VrzgN6rhf_OFeZ3sK023sphWQmlkLM5j0N26MbJMyXRQlV4g4lgtV9pWsrl2201n__tdLL6D2De0_AcPwC8ZRNrivlJaxw7NoWcazTZ8pe_wjYKWsmyKDnEiovl3IHR7OSHgk571YqYA4JcV7Da0y5BjWixeW3zLMvz137m_Uqb-XUoTg51kMpKKbPdhRrA0__Nhdn8TLW1iDtQTIewzT5d_FWXfPn7MDHwvjAFtFnHeYJe_Z76eFLH_D5ZSs-sdltioylVWVNUXDkvw4-ZXQQ3RTK_P8V3rqeI4iJC1rTRKxGK6NboZtU5hqIu7mK7ZJzmE0WbucW0AZQqzPU7yZr90nE9IUyOyWJOpfTNfBSa9TIHhcLCJOBoheA_SYU07g-aUNmIUlH0dCiCaA2tNDElCjJ0XwRD0ykn0QIq4KbHpcK9cJMb84Ia_NvKLPsQbjbB-6Qm7FPfQG3QrZzITIsTrtFqjr2YenM0ySFgx7xu69bc8qozZ4DziUuLE9ZxHu0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 084E 0
20 B 59ms
59ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=3839966302367793&bg=!6Oul66_NAAbUs_yW1LM7ACkAdvg8WvbDvSZt9VFZr670yd_AuFS_OlAbQNXqoej3Pp2CBUA5X0gpEAIAAAFWUgAAADZoAQcKAIyC6IynCWD7PlPf0i_jK59EbWJh_YzE2K3j9f3ecLEXyLmHndhl46BgEYPHAcpPtIR4tgEsOJs5yFrXeMitkeGdpr4x_Z4fneHF07GEyrZwP_DLHo_XNV_7eDD16zFqB2M7wXN_oSkm89ZoAidIwxzAmx1syD-fmEEeQ1oqb5qasN3iboyRLmn1xMhXE5kCy39TDIzBH5PGJhBUMXc5dFbzpdhjBWYJwrpqFv9Zq4sjFI_agMYEGiHSlp2EAypUUwfu6ChRkHuVZC441Oe2Sxm0f0wphBhkJ84L7aZCXDeydBICB6KJhVdmmXvScb7JM8-hQaOlh8eRcI3Nr9pfeCF61TuzHAWQGGUDaOlBBxRKeEjcQSWcmOhg7qw1jEOnE2bo_dGlzzeqd3hSpuGdrti7EXb4SlLLgkswGORjHzN6EqVdSs1IjWg9SWXc_QPkFWm5sjmExem0h8IiN14xFNjJpXziz4OjUaQHGW57Mpmf8S1uy0bWJ-VvBjFab7cwb9Zh9R8gWKwKREa0vuH5BOoGqRMvMVHqRjur4PDVPWOnZESUG8nhxxJueZ806tSHZD31hnRoR-_9XcArj06mRiD9og06y2kUlMzvBSdvUpJD_dXb7oIopMpTkmRKzQ449ybynAbZ1J9rINNH_CFMJxcMKtoxuFrX2c_nXr6c4WxxbkVnLi-5k9TRUpvDVHKcGbaTtEC54j3qeZe-JviRMxm_C_Mg8fVNW10YgIwuIczLVrZp4gvTYjsu0_tUMx-y5vX-Dqns7uIWFSLIqa9EcHEzZU_sQYuLgG0RCef1il2CltZpiR0f76xSvYqBZ2ygnQgIcVRBiZPmFxQJ31lotMqeLUVkIdmoBfWE4GzGmL0dfBZ3gOf0LGdOZ_Vac6YhjXBziJe0BAwrlL-wzAJxl9efXBoiGTP3NTmWvrHMaB-uihggck1dqKsfoYI4ReHAajJY1KNXKcaOusW3-ftve3Xf0F3ZOHLW3LVtTMSp4hKjnQ6q4gA5cSLTAOzCPXhQlvR_Ielr4yLiJEVC_6mO9Zt7MRoswW7-JOnPRNFE79TVwITxefVUY8wcDGyxaW5zXcRwQFeBElxdTsqOz-zHDPCCOShDa6n4RyoiW5MNeaUG-amb5u6OFLz6vIg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2A6 0
20 B 60ms
59ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=2178010999477247&bg=!sLOls_fNAAbUs_yW1LM7ACkAdvg8Wri4f8wb3BXQ_idXlRuJi5GnA2jaWpIWfMPDjr9fGqo4Sl_HkgIAAAFiUgAAABJoAQeZAtGx8-kkZstc_8WQaVoexfx4YCxJIqK-2rhPlhrbkEZZCwMLpW465-Q4xndXSPVsB79oB4SYQ6K9znswIaTfsg5DzZpUBfyccEmFsYYK10_NBWAoRODd6BehdLCDmCAvtErjmsJNE7uEwHduJ6uMHlR2RTl5qFrieiOktfAudmFXw7fOFoO0UJos3xfoLM2rZrvfUq6VwWh9Q68KyJEBtfqUUvgV4W95oFeasODbg9h5WNVuDNf0xlfFvovPLGjlACS4q9je7Gahtnb1DXYzlb9_5m6t-7AefFRpZMGac0tfW6aods3NBLwpVi8j6Cczc_69egxxLqXGX2HkCwXqgXZLYiReOuvaxW57zV2IzpBBCEc0qM3QV5BtcPA53sdHpt3_bVDybTVA32n2l6TOcsZnyLsY7UrdgNengPUnOTEMqdoe0yc0ryGCoDWw2VISB1xntxo-G1HnYScDcmL0-rCvLUGu5Kp_bWLvgvL3QVZNw4ColnWL_wxtm6IYqijwWCshaoiJbdKYU6QlGc7x-cfsPNfyyFH20Qa8ia23-iN5pOxDXQRiFvA3aCg5FyBvWAqWTNPcrtsPePgU9Kj2K1ClKYKrWjyG2pcYj1W5gbV84FWn7EAnabooyA0pG6k616le9JuRNCNCHQUztt_kcmy5K1PdrIsCih5yCbTktPp2WA0dsR8vUygAD_WSLELJ0SLegCf1zYancIqKLVK07THEz2yt_d5PR2w1cbsatv1ehpxKIjxRFhgSFM2zvnms6o9rCZIFc9qjOKDg0kQZIacbOVz5j-oybo7tHbm7o_e7LTN5tkCv8ZtHcyH1_3gMrtdCpjwVWhqrB-OkSlbyO-W1glnEFaDuWL-gMpFgAgwgdhELXGNpzmXOtsmKgL1bP2rsVV3wQ8Grs7gfBwxLlvRmSLPEBD3trCaBQnS4VzqKejwAK3gcUHYY6d7p4mx0tntA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2929074480032121&bg=!fH-lfzvNAAbUs_yW1LM7ACkAdvg8WmK6buwOpFZFQ1xIJCBqeHoNrPXM4yQtj_RsKyw251QVjaefAAIAAACUUgAAAA1oAQcKAISI8ukGo1IXZi6qisnwmJHLcvfFb7904PUheiYbmKlGRnw0uamJTm1XVCjmPovjx1p5zPhtO6Acl60t8C2a2q96bU9knfG7QpJ7BtpSfJd-vEw6lRsyR9SsCvmVSEs9Pr1qmQ-_bFjA6ZcLL7jL8Lr7A_SNBYauh_T6uasxoorCCJIVOaCZAqfLETGTWeEH1g5szuyjBqty34bsIE_ClAiwJBMFNJj0Jn8k-nibgGwsUlpo5zeFkRswMXOeng1ckG3k3K7xjNFjsH-lUZ6uci_q0AiVOKxapV0r7Kwea9PqCn88bHPMhbEvoxmtRfJzf_lcRFDK-XGaQ6XdoCVHFG1_Qa5O5Buf69bt77NMehRDeEc6YY94Mu7RP50uqeDuOtNta6oT1_rylzRvN6sTEJbX8pEIKzegnSTjrwh7_mH-bo2JWww5j9Ms8zW-ZXcgYhft7Q4XbdRYzRscw7FXQe5UzbUdusTCv_5VXvff_GMmB7TYn7FcUazNhGunv9SKYUg3Zn1VuhZk3R1b3QFGUPtgdePwPxX4nlAnlbz1QL56Zul8jnQiZC2w0fdOBnT5f_eXVohatQLAr8weMri0jeDaC8qH668wA-MxNSdPdHUeK0CDRGad5N4ADgpCf4WG7-xhK66ewNb7NNJOXyH4waoQY3pa7sR9-hX1AgenTYkOIC5gpHBRctvPkQXPF81vZMZkSK6fvC5iDdGnFbF9GqoFJgqw8_5xTcLFEBDpfruVyXt58a_ouPoHcNmFLXQM7Qt3kiUrzP-AzudHuqqlEIGb5sg_IqO3y-0U-fpGRBqUwrFI6JYomN_wyW-PWr1n1J_F0onNKg92fM8jQew9gxLvqStMXcWM64ZuQ36MNVafKejgv1AxIBHajIi2c6j2h-GxNLgdQKmPSllxrQ8Lu8ub4bCh_2infGWIGVSdwy8W7VKc91LQ1h0Q0ODtyM6Q6ZEwaU5Njci3Lf_c7uUuOQrOgZyMVoRlW33D3a2Zf4RdRBt_e4AcrEmATt0dAN0JDrHXEOqVzkyCO_CzQiVwa07EOkm2z4bKOdVQI4GznMEXuU3bFyuRyDkJby3HqhuK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 13:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b190.s79.research.de.com/ Frame 98F0 43 B
308 B 11ms
11ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/data?/lJAMGZFBAl2yFuvFfhFwpFTkzFARksFAQtjFEoRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:10 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:09 GMT

GET
H/1.1 200
OK data
b192.s79.research.de.com/ Frame ADF5 43 B
308 B 11ms
11ms Image
image/gif 136.243.12.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b192.s79.research.de.com/data?/VnIZFF7AAl2yFuvFfhFwpFTkzFARksFAQtjFSmRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h300.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:10 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:09 GMT

GET
H/1.1 200
OK data
b190.s79.research.de.com/ Frame 98F0 43 B
308 B 11ms
11ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/data?/lJAMHKOBATkzFARksFAQtjF/rJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:11 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:10 GMT

GET
H/1.1 200
OK data
b192.s79.research.de.com/ Frame ADF5 43 B
308 B 11ms
11ms Image
image/gif 136.243.12.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b192.s79.research.de.com/data?/VnIZGJOBATkzFARksFAQtjFTuJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h300.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:11 GMT

GET
H/1.1 200
OK data
b190.s79.research.de.com/ Frame 98F0 43 B
308 B 11ms
11ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b190.s79.research.de.com/data?/lJAMII6BATkzFARksFAQtjFvoJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:13 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:12 GMT

GET
H/1.1 200
OK data
b192.s79.research.de.com/ Frame ADF5 43 B
308 B 11ms
11ms Image
image/gif 136.243.12.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b192.s79.research.de.com/data?/VnIZH0vBATkzFARksFAQtjFbwJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h300.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 13:55:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 25-Oct-21 13:55:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEJA0vUgMMPw9kEXovD6Ym1o&google_cver=1&google_push=AYg5qPLqShBtqcV61L_IrYFnPQxUm891rA1yNRU377rueSqcYPs9XPDzlB62NWVn_jl93uV33P5Dee1YcgLlN-VBII7Lx-N4b8yY

Domain: ap.lijit.com
URL: https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAjOx43w4iDwTvBqPeRgv3c&google_cver=1&google_push=AYg5qPKUUYVZX9B2eK08GxcGYFgfVF_aynmKgwPZ9mOF0bsoALED_H5nXH7PHWPNsY8jKMA-g5Z14WwdD5lxL6i-M6Tfja71UKY

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/gadx	1970-01-20 15:44:02	Name: am-uid Value: 897932f046674eef8555562ad3eaa2e1
.admixer.net/bs	1970-01-20 15:44:02	Name: am-uid Value: 897932f046674eef8555562ad3eaa2e1
dynamo.kiev.ua/	1969-12-31 23:59:59	Name: b Value: b
dynamo.kiev.ua/	1969-12-31 23:59:59	Name: Value: store.test
z.cdn.trafficdok.com/	1970-01-24 07:24:21	Name: AU Value: 768c8aa85317e864
.yadro.ru/	1970-01-20 06:57:25	Name: FTID Value: 1XThSs1-yMOB1XThSs000TKv
.yadro.ru/	1970-01-20 06:57:25	Name: VID Value: 1lx3tb3HlRuB1XThSs0008M9
.dynamo.kiev.ua/	1970-01-20 15:44:02	Name: _ga_H3ZT0JTLM0 Value: GS1.1.1635170102.1.0.1635170102.0
.dynamo.kiev.ua/	1970-01-20 15:44:02	Name: _ga Value: GA1.1.697022990.1635170103
.dynamo.kiev.ua/	1970-01-20 15:44:02	Name: __utma Value: 28515881.697022990.1635170103.1635170103.1635170103.1
.dynamo.kiev.ua/	1969-12-31 23:59:59	Name: __utmc Value: 28515881
.dynamo.kiev.ua/	1970-01-20 02:35:38	Name: __utmz Value: 28515881.1635170103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.dynamo.kiev.ua/	1970-01-19 22:12:50	Name: __utmt Value: 1
.dynamo.kiev.ua/	1970-01-19 22:12:51	Name: __utmb Value: 28515881.1.10.1635170103
.admixer.net/	1970-01-20 15:44:02	Name: am-uid Value: 897932f046674eef8555562ad3eaa2e1
.creativecdn.com/	1970-01-20 06:58:26	Name: u Value: BbkeFNmzhLTIcNISUAwn
.creativecdn.com/	1970-01-20 06:58:26	Name: ts Value: 1635170104
.bidswitch.net/	1970-01-20 06:58:26	Name: tuuid Value: e19b13ac-75f9-465a-bf4b-93527a1f5e63
.bidswitch.net/	1970-01-20 06:58:26	Name: c Value: 1635170104
.bidswitch.net/	1970-01-20 06:58:26	Name: tuuid_lu Value: 1635170104
.doubleclick.net/	1970-01-20 07:34:26	Name: IDE Value: AHWqTUmfmUlyAN6aYrFpp7xSeOW91r1W4H5h3ZVhyKc8A8dVBkbyvi5diXC-LEDT4qY
.adriver.ru/	1970-01-20 15:44:02	Name: cid Value: AH5b-C4Rezhs-lORtDgciCw
.sportradarserving.com/	1970-01-20 06:58:26	Name: zuuid Value: f0e080ee-e29e-4237-a93e-dbcc0f2bb556
.sportradarserving.com/	1970-01-20 06:58:26	Name: c Value: 1635170104
.sportradarserving.com/	1970-01-20 06:58:26	Name: zuuid_lu Value: 1635170104
.sportradarserving.com/	1970-01-20 06:58:26	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 06:58:26	Name: zuuid_k_lu Value: 1635170104
.betweendigital.com/	1970-01-20 06:58:26	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 06:58:26	Name: tuuid Value: f2b052b9-b31b-512a-883b-5d47e94dea7f
.betweendigital.com/	1970-01-20 06:58:26	Name: ss Value: 1
.adform.net/	1970-01-19 22:57:32	Name: C Value: 1
pa.tns-ua.com/	1970-01-20 15:44:02	Name: uid Value: Z63EFA3DB4C344E2938A4D142879ECC2
.adform.net/	1970-01-19 23:39:14	Name: uid Value: 8019782609114716015
.betweendigital.com/	1970-01-20 06:58:26	Name: ut Value: YXa3OAAJALBTLuLs-uu_GY-fGhnxxBfNhPZsRQ==
.casalemedia.com/	1970-01-20 00:22:26	Name: CMPS Value: 3238
.casalemedia.com/	1970-01-20 06:58:26	Name: CMID Value: YXa3OSN6TwXEtyS2mT4VZgAA
.casalemedia.com/	1970-01-20 00:22:26	Name: CMPRO Value: 1142
.casalemedia.com/	1970-01-20 06:58:26	Name: CMRUM3 Value: 2d6176b7392760CAESEJcUjShSZnomtWHLMeNzCVQ
.advertising.com/	1970-01-20 06:59:52	Name: APID Value: UP2866043a-359b-11ec-b42d-02de89ae953c
.mathtag.com/	1970-01-20 07:38:45	Name: uuid Value: 8c576176-b739-4400-be8c-fe295d965c7b
.mathtag.com/	1970-01-19 22:56:02	Name: mt_mop Value: 4:1635170105
.quantserve.com/	1970-01-20 00:22:26	Name: d Value: EHQBCQHIJIEA
.quantserve.com/	1970-01-20 07:43:04	Name: mc Value: 6176b739-89a9c-06432-69884
.openx.net/	1970-01-20 06:58:26	Name: i Value: 2d83dc23-0598-460a-b5c2-3e84f172fac9\|1635170105
.blismedia.com/	1970-01-20 06:58:30	Name: b Value: 6176B739EA48F5DE3005C385BLIS
.adnxs.com/	1970-01-20 00:22:26	Name: uuid2 Value: 8685812950728135469
.redintelligence.net/	1970-01-20 00:22:26	Name: 8lcfmzhxc8d6_uid Value: 6583466b724842be
.everesttech.net/	1970-01-20 06:58:26	Name: everest_g_v2 Value: g_surferid~YXa3OQAL1n1edAA6
.yahoo.com/	1970-01-20 06:58:47	Name: A3 Value: d=AQABBDm3dmECEPKogPVUGpiN621IKAdNrSYFEgEBAQEIeGGAYQAAAAAA_eMAAA&S=AQAAAqgDJFH8eeEo8H9jy9r6Tos
.dynamo.kiev.ua/	1970-01-20 07:34:26	Name: __gads Value: ID=fc9e16d279aaffe8:T=1635170104:S=ALNI_Ma9P2Iv5EJtOtm06zggybmSkvcndg
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP2866043a-359b-11ec-b42d-02de89ae953c
.yahoo.com/	1970-01-19 22:14:16	Name: APIDTS Value: 1635170105
.3lift.com/	1970-01-20 00:22:26	Name: tluid Value: 6844985968353518044
.medialead.de/	1970-01-20 06:58:26	Name: trscj Value: MTYzNTE3MDEwNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRJMU5EVXlNREF3TVRBME56SXdNVEF3TnpFd05qRXlNREV4TnpVNE1EQXpKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.awin1.com/	1970-01-19 22:15:42	Name: awpv18332 Value: 296283\|1635170106\|28b38760-359b-11ec-a388-2234ed5cf4e6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 376776:2601049
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: kmgskvp1dtsaqjc1zxpzs1eh
pb.media01.eu/	1970-01-20 15:44:02	Name: DTU Value: BE7DC6B3F6D7017ED82DF83ADA67B861
.adfarm1.adition.com/	1970-01-20 00:22:26	Name: UserID1 Value: 7023002128681662614
.sitescout.com/	1970-01-20 06:58:26	Name: ssi Value: 1609ed8a-d32a-40a0-a107-a4637ee890a3#1635170106568
.travelaudience.com/	1970-01-20 07:43:04	Name: _tracker Value: %7B%22UUID%22%3A%22F99B1E08-101A-4E6A-8DC4-B108813CA8ED%22%7D
.pubmatic.com/	1970-01-19 22:14:16	Name: KTPCACOOKIE Value: YES
.analytics.yahoo.com/	1970-01-20 06:59:52	Name: IDSYNC Value: "18wq~215p:18yx~215p"
.turn.com/	1970-01-20 02:32:02	Name: uid Value: 7879471298509799825
.sitescout.com/	1970-01-19 22:56:02	Name: _ssuma Value: e30
.casalemedia.com/	1970-01-19 22:14:16	Name: CMST Value: YXa3OWF2tzoA
.1rx.io/	1970-01-20 06:58:26	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bfca86da-0e65-4f6d-ae97-c0b6c74a8afa-003%22%7D
.rfihub.com/	1970-01-20 07:34:26	Name: rud Value: H4sIAAAAAAAAAOMSNjMzNDYyNLQ0M7AwMzC0tDQyNhPiM9QtC_TISo5KdgzLT6mS4jU0MzY1NDcwNDAzMzcGAAbKHug0AAAA
.rfihub.com/	1970-01-20 07:34:26	Name: smd Value: H4sIAAAAAAAAAOPiNTQzNjU0NzA0MDMzNwYA0XXYsw8AAAA
.rfihub.com/	1970-01-20 07:34:26	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dbV0Ms61SHcx80n3TTZP9ggqsozPyA7iNTQzNjU0NzA0MDMzN3rFiMI3BgAgjEs2PQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjMzNDYyNLQ0M7AwMzC0tDQyNhPiM9QtC_TISo5KdgzLT6kCAKL5KuMlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dbV0Ms61SHcx80n3TTZP9ggqsozPyAYAJyIFqR4AAAA
.pubmatic.com/	1970-01-20 00:22:26	Name: KADUSERCOOKIE Value: 096BF0C2-29E1-4ADA-AD42-FB95F6295EE1
.smartadserver.com/	1970-01-20 07:43:04	Name: pid Value: 2146366312502567687
.spotxchange.com/	1970-01-20 06:58:30	Name: audience Value: 2920dbe6-359b-11ec-93bb-160292010206
.office-partner.de/	1970-01-20 22:12:50	Name: source Value: {"webgains_webgains":{"timestamp":1635170106802,"clickCookie":false}}
.targeting.unrulymedia.com/	1970-01-20 06:58:26	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bfca86da-0e65-4f6d-ae97-c0b6c74a8afa-003%22%7D
.creative-serving.com/	1970-01-20 07:34:26	Name: tuuid Value: 227bff59-abf2-4a5f-ad9f-386bb4b60d5a
.creative-serving.com/	1970-01-20 07:34:26	Name: c Value: 1635170106
.creative-serving.com/	1970-01-20 07:34:26	Name: tuuid_lu Value: 1635170106
.tribalfusion.com/	1970-01-20 00:22:26	Name: ANON_ID Value: afnseFmge07ousnA7fvZa54olbZcujVeA1CW5rariGtGnL3N49uuVsgRifZb5eOZcoZd1wvM6buRZavjyGeHZbjWS8h
.simpli.fi/	1970-01-20 06:59:52	Name: suid Value: 238AEEECD1124EC9985445F5A130C073

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo&google_push=AYg5qPLj0ytR6GxMsOF-8J0lIrJ_c1dkf0DlnikSDI6Ao8jKqeyaAzUq9C6Q9dRLjmcJRS6kvVFVjjHYZF927C-MoV_HzORc6eQ9 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXa3OSN6TwXEtyS2mT4VZgAABHYAAAAB&google_push=AYg5qPI_TIIcnpAp4A2bp7zLYa_hWL62Yt3GTMjkm36joziuoeOYriusyMOYDDmvY_n06Tbe24lIUbTFTfuZqQ04PbVuLAptR-LrGA&google_cver=1&google_gid=CAESEFy3pAS7xTk9GD3RsZsrWMo Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f301b9066affe0d48842f2e38719708.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.rfihub.com
a.sportradarserving.com
a.tribalfusion.com
ad-server.eu
ad.adriver.ru
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
b190.s79.research.de.com
b192.s79.research.de.com
c.bigmir.net
c1.adform.net
cdn.admixer.net
cdn.trafficdok.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
creativecdn.com
csi.gstatic.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamo.kiev.ua
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gagadget.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900016.redintelligence.net
hal900018.redintelligence.net
hal90003.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
m.trafmag.com
match.adsrvr.org
medialead.de
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pv.medialead.de
r.turn.com
r3---sn-2gb7sn7r.gvt1.com
redirector.gvt1.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
stat.meetrics.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
themes.googleusercontent.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ua-content.adriver.ru
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
video2.magnet.kiev.ua
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.trafficdok.com
ap.lijit.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.111.242.245
104.16.122.175
104.18.12.5
13.248.242.197
136.243.12.41
136.243.15.236
136.243.33.79
138.201.220.30
138.201.63.117
138.201.84.252
142.250.182.67
142.250.184.198
142.250.185.129
142.250.185.130
142.250.185.163
142.250.185.174
142.250.185.198
142.250.185.65
142.250.185.98
142.250.186.130
142.250.186.138
142.250.186.162
142.250.186.34
142.250.186.35
142.250.186.36
142.250.186.66
142.250.74.194
142.250.74.206
142.251.5.155
144.76.91.199
145.239.193.130
146.0.227.110
151.101.130.49
157.240.20.35
159.253.128.183
172.217.130.72
172.217.23.104
172.217.23.98
18.185.142.87
18.197.21.136
18.66.112.34
18.66.97.25
185.172.148.132
185.184.8.65
185.29.134.244
185.60.216.19
185.86.137.122
185.94.180.125
188.42.29.196
193.0.160.128
193.200.65.6
193.239.68.97
194.247.175.19
195.201.8.180
195.206.238.120
195.206.238.20
195.209.108.49
198.47.127.19
213.19.147.45
213.227.149.183
23.218.208.133
23.218.208.246
3.126.56.137
3.127.51.194
31.28.167.67
34.96.105.8
34.98.64.218
35.190.0.66
35.227.252.103
37.157.2.237
37.157.3.29
37.252.172.45
46.228.164.11
46.236.13.147
5.79.64.54
52.17.85.128
54.76.176.197
54.77.236.168
54.93.133.131
64.158.223.137
66.155.71.150
69.173.144.139
76.223.111.18
78.47.15.207
85.114.159.93
87.248.118.22
88.198.250.30
88.212.201.210
91.228.74.189
92.223.124.254
94.130.102.164
94.23.99.218
0014a8628e795ff94e5d28b199d188366da8679b396757e5cc872957561345ef
02ddb2c64efd288d05206f76d4d196049a12dc1df08aa1b9545c22603859ff73
038580107665e4d625bc27de975c1688f4526d301911fc3fb40accf68b23ecf3
03fa5c882e72e615179dd04be0a422d4c37a71a8c5a3bad03609a11b514212ad
0401d2177016be36142e4ffb48989c6e1c899bf115b17dcfd919e1e8897f4122
04479c721e1d7501f6c5f0481ef2913a628e71a6a5ad3cd8390fccd243427707
04c3803e1c0b06730edd71c100252e947fc16c5a89227aa495442dc1c3355970
066661ae23371e47c40f5e36a89a867d1fab053a3297c9d83a0f860650d67f27
07c7bb3189d22677dca36bd8990a1c71f5c2990752682ddb50cd50a1a525ccd7
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
091468ad474496be6266be0f369cbe809b55a3f9084cd42013cf0f36e8505f49
0917641fede821c01b43369a34cc10f397560a62ecfd9f2795dd77bd452144c1
0940f61a649f38d8362b0f879eca6fbe1f4d6f28450c6c6d9ff3054ff60438c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0d98c44f6845fcd2348bbc75bb82480694221164e1fb07e9df14d5412a12bb62
0e5b69da40b0a2ea196d225b715d78a9b5e87fbbb20ee75902cda02ac2537d66
0e742061b7b95c780006ef36f592530945a422277247333be8a38e43a4fcd3ff
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0eb266aad0b6eedff13ea2b3677ca4259a5629a3503c182aa137b6870466b807
0eed967050265db1eb897f1dc317367149be1efbdbedca18eca291a01af6a3cc
0f4a337fc20b1390ca9f9932b7b1e45f7ad5d9bc662bf3af1fb976da8af57add
1032682ae485621f8b00c3a942a01e6d6e9e7df45115fb9c08cce0f994bf5ade
1044a2d2d749c4044aeb1a23fcbe9bcc9d373f66791503593d91fb260c217f05
114cf7dd2c611158d7fd26aa9b40f38300ea41b9acef9f4ce30edd1d6caffc86
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1302e636d9d946765073b11621c8eccc0cc602111ea1ead858092561db373cac
1335a131808610b3854d90ea7b645a923f51851feb7aa6afff00f398ea8b34e9
13d7e6372093bc4680dad644d5c62373290e8b32dc7b9ed825bff1101e7181dc
13feafcfc8a8db3c7cf089bb046bf3b9e6938a80434cdb6ce5db913b16707e7a
16a956abd8ed56b955665ccfdd9f5a096fd81201acafb3b775abe02924ae900c
199c6645a72f24059216d021778b4602a4b9892fa5d068e266a28b4e3d87c6f3
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1ad00cd77f12a903f334df3fc82f539c12f358c393f5f88e5d959609d7106e16
1b02d366e9e554d2dcc933eb048b1ef9545b9e614fe93e7a56f5e8b949f7217a
1b4a33ebd2999521878ee99d4b3a18cead237ee9c661a31b0e26ce091b536dfc
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b94247f3e2baaa9a8a062de0446ceac23b5f0dd12e005acdbda28fc554ab812
1c2e1fec5741d2d3121dbd04f6cc739483431d3a059ab45d7cc099021156e53b
1d1a0068ad16d413dcbc737a35dad90b16507f38a3016b087861e209432051ab
1e736902d8b319f63bc705c5d8a0673e31559639fafddb31b8b0bea85f981718
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
1f39ff0894d5da731789a73797024a8573aafa6e58812066f537b9335bf5e1a2
20935d45b80d68521d6e31fa1d8764001723f862c0272c225e301bb60de8eb25
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2367b9164c9c34ad82a5b9e535089fb61cc4d75af510dc695e45c45165b80b13
242e9ed37ce7d3fd4c08592684a34d883852c3f5bc5ecb8b8047711d46efb113
2569a38be60a4e92243116c2e13fe32199cc3bebe82937cd6158ec6c822e901c
25c05d2257734a8e32d393e7c81f3cdf0d28749afd6aa066575b5a98b05ea90a
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
280941f8912fe8c12e288307a8db7bc730d10c577d5763714d6ed45e7a16ad53
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28333d75fe86f4d034f512efaea2e39f21f33e4cd8385ed715f931e16236821b
28a4855b721e72c54d221f461a55f5e8ddc79cd337932df6cac7980de9a62f88
2a3c940fad4f724e79d163afc58b020dce161d292362dba2765589ba888155aa
2a6983462e42ea241c2f8e7433e8aa3144e67cc3222060ee9924bcfab0a50f3d
2b1e4794d254fb547692405af2cd4be50d55d8e8d7afeb053d4fd235d5c773c4
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c1aaa4801c286d58f821dbe89a3a3201b7ce0b2a22839432fc5eacb0ac3ed6e
2c4c1bce649e6739003a638d72f3a463f7d479e63f8bfad3d35fb37042552ae4
2c554812d1e758ce5a7aff596d5fd1b4ff48afdf6ad2f8355eed198261cb923c
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f4faffda5a29748db5441d3dd9ba18a57b17bf7d95e7f8f9259689fb0db69cf
304bf27e3ade28a2a0e185af38207424f955d28b492d4a075880c2650cf93181
3128bd5ecf01816e59a23d54c57a7a6b14615b07db53ff277c77376010265b05
31fc7315c1163783eb1845551b989c6d8d04d89e3f97eebc68f041442c3d21a1
32150435e7483d330aede0098d0b1fc9d61d3a34e8f5358b08a736c3606560a5
326cbd423bd2d97b076d4c782cf59b5bae3b533cd776fb8a70e1f50ba1d1d394
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
350fa9c2a785b663adc8330ab9b4f0b033bd8e8626ce1776a2825c2f2cc2b48a
3637c6e9880a123ca0f1df89d62e47d34cb9be456f345d611731736830137624
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
3776072f883f512463faf3d2d2af3c800c32d00d3938339145681c7730958a3f
37941d2b1432f086358b059b7d64d9d30399858862f16ecda247d351258d4881
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3b02fb712038660f6a953365e718456dd14686dfa562df6d772fc9713e32db50
3c2f31654038399844c405203e45c34565dd61ca97cd1dd50c37bd2f3eab5d86
3c711655f4879ba2f24540a5ef9426b3a6799376b0c2eb5e49e7acc8413decd5
3ca2636af2ff861932313b4c720f167abe05db8e58e48b12c832823a92bde829
3cc5aa2d50cf4c77b5347dbab022abc3ccd389a8c53db4550c2aaa963d1d8fee
3e084365b8c06972b05bb7f7920e9a7a3a8688f52ceaadc55995521bd932f130
3e4a3fa6dce2b1b0b85742c7bff9112e2eb0e0c1e9f2b21eeb55cf0864dd232d
3facdebcccdb01a64e545213d5631c9151d741e5912a0f8fc3a4976766eb78b3
41ded75ee2cd874c25ec69f5ad647e70a72b64bc3410e8cd1db0defae80610a7
446900dce4d576e503d418d5557b3aee48920950b97fd52c09814dcf843ad610
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47890a3503d64fb5b4558f0a51afaa6d1730f063008ef2155431451b2458ad5f
47f5f1a456a471f3d0846a7403d70a382dc3ffc4721faf37a858a0af76383cfb
484e048a19f2d1d120d469e566c755d51c4d5336b9c46d8b6527a24d86aa0295
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49acca8e6e6bd278e38be2b2de92bd861fea26c284394765286efccbaa887e60
4abfec0add66154f7a20f565a8a5d41654364fa81de4b0b375c3a8c67330eaf4
4bfeaf4bb8564f95f00ad068504592cc2716a515420180f5b72c121e261ae393
4c48ad4b5d1aea69ebb7598b4deac9ea19943c062d591384893dbd4ba62a9fe3
4ca63247348f03097f90ebadd1e8ee0d12f58b5025e9556d775bbbc5831ca7fb
4d3d3c6074d78ac2bbaa7b98cbf9828f36b45276d4a80c65ea4ddf92ec8929bb
4d4e47b54747bf336a7d03b85326a04f7df56a924124a0b869b46111b27bf184
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d6b0424b6498e3263709d5c1ad917adcfcd1616d12e0a8d76a06966321d67
4edf6d051c3410c21f5ecc4f7ab6096da9e2eefa4fa0ac7528645e4a0605d2a9
4ef8c06ee58291161d8017e8af7f922444324556dfd6b847fcc5c4fb1c39f756
4f300d0799f69110cc1c1798e4ab6f5adf02f1b82020e350767d24c40cedefb4
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb4747ad2809e9b808248c734fa3193fd644fa7c0f1655937b8dc80e5a800e9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
5226a529164833ab6cf62464280e3f67bcd14948cbf37ce3fc3c165780163d44
52af586d9dc2f808b3ee4a93bf22e4c8e85f477ad1c291660aae1ca6d387a4f0
53c6d64604561a4a307fb3b74d187903a20cb1f6a7b42245aaa318f5803f478c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54980d0ce1ab462210a69cea7a8f61f66d7baf954c2fba0dc4030a6b6e7cb36f
5537b75546c9d3830b26fc1dc70f59fae1c013144a0d43affe6014846aea2b5b
560a253e9affbca88a4af72e3cbee4b811169707597347ee832a7691e4067cc6
56506bdcaaed2437da77ecd0cb9a0ede74daff7c39165d821d8dabb5c0afecbf
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
59293ceca95f5b02a3b23a56017a9ef93a3c8a66cf6824516d6e355d5b1a03b4
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345
5a9f70c6551c734f3a11af01294684eedd3fec17996781f9e16e550163434a0e
5b40bae8c776c1e04725288629df01f1691ad19508cae6fa893d827228012d0f
5cda162b99a364a831afad4248df66c83cab5f60b90740e4e18483bffc326657
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
6100eca91d6e1c24b6b03a47c56d75e5cd5b00a8fdaa0f978ce70b663531275e
613b6752635097d6f7251be15dcd5a3917c3ddcb092f322d8edd2627b04cc47f
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6287e31d7f75db73e7e80030621ee27901af0443a8fbfe0ca3f848cb03dd1e5e
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
667ff4d0a37819907a9da2e5e27e4e2e01db75ac6cc398e84b56095ce2fe2bcb
668ec2d7ec21cee8e3930ad6ed75b6818886b5c1f052e920daaef3796da38d3e
66a31c4266316ef767a4bff1f75fe8563ba9a4c40272daf07b13ce91f1077233
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
679654b5f692831b932dbaded0b5bdef3e39d03dd99593d2bd38d9bb6da53ba0
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6a7e6bfb9e5de0cfec6acfb9ef0a1fdb7e545eb87f0f081c73f5eb3b298dba7a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c402216f6e8befd5f528afb4c9b454e357a8845571cd32c483105dc8aef77e6
6d6edfd131ee74eefa94f60617061b4d37c8410848d05a071cd2df892b54feba
6f06190a9eea6cc20582fa356d9c5607ad7cf43db99377fec129b190e88455aa
6fa6f6c9e9c487278b124f13fb86c9916640ff2754e418f375bfac9a0dd38d53
70cf48dc39c396349c941d08399bdcebf1e39cb841be254c75f63ec5d9cf4adb
724b85d2225037fa105d8e07b27119480f21f68cb74ba298b841ed337cd8da1b
73e0878b5703780896940ef4f9133989c9c3fc218112aae80f643ec327ea3fff
745f50aec35e5fb8fad46d0a46cdbfa9a6931d641ef72fec0151f60e1b269821
7466c425ec745183e05ffd580822e2df7acb736e4b012888990a81ffe0de632d
74a8ab213434825377631ff36d6153feffc0e62b0794b67c9a7ed6371d14fcf8
77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287
77d569a374b119d4a7970def0e5feb44c2c76f08ecdfcc15f0bb316111f20cf5
780e72761423d556f8e78a547760322013d7d8fabb55eece58b73b558dedbfb6
78665b7f591e3ba0c27b753cca2a033b9c52b2d0a69fc00936996a3e9913b22f
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7aa978f16c3a830e2a59d13ec0e39dbb8e02f6700f402d98bcd0a05598b8a70f
7fda9e8ed98149567e88c13fd4bec7d66b115f78824a68db296a818c9e1acb95
8192743a6829627dcc179c2440ed7a31b0b890d9a837862e8df7fb18ee8e7d4d
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
835e9fa3c02a45ec17bfafa1c1c56cc200ca10a89272db36b25147ca440311d3
83ba1f49c61036d6b8028301b5e4023a299549c6c5bb0c6d4f9e4140d465cc4e
8486d47c77f653fcb4f2e4c3469fe110dce22a5d82477b56a8fca9ecdf2a368c
84cfe80cbf4ef91de23ab0e989a3a2cdf560497884587ed28d54f76157482202
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
870a2a0e533c1681da5ccd598f4e0bdb48cd93d6162b16ce5f1800aa4513f864
886b7edf89b22581e79b6e2c2d0e95069da477dc83793a4d82d129dec18489ee
889ae4d4cf96fae8627be413fee26d3a4432e1055194002e443d7116067b11a7
8a0894f5aaf596f3664b20cedcb9e9ce030f0dd54d69f46a4c94bf853b1e337b
8abbc732ff697804585b19e5e25ab9492457c1c18097dde77e1bf7df454fd885
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b64921997bfcfd4e9b15810b9107a3686e5daca86e15624744940090231d0c6
8c8a76d38a81e3e9005bbaed9a6660426c03d066ff88a47001f2d749270bc4e6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f3e8d91bc7ff831f377088a027d3ecc0a8780b5c93e5f07967cf1d3cd58a1e7
8f6ab91beac606a8c0dc62edd5ab7a39d7c8a573bc03d7b8d801b054b1d8f1ef
908fdcad42c1c71c866d31279ce83d645ede68d92463f82da9398ac23d059cab
90a97f36682cc97f74e485a927de9423c4d9631b226c8b0d9ded98644aa8bec8
912f534fa5d7642fca813789c7b622c88caa79a786846944a18caf5630821999
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93c484130f46a3df71956d4e2a4c208906c2c972a230308dc5383ca9c71efdfc
93cfd03da1c6421843afe6319577a726851ddd53558995ba88fd91dae8902103
94b142b80dec36c8a2166357508386fc58ab78ce043d3553c0879f0bb01e54ac
951bddc2ab1583eee8f4d77d9044c9c5b9081cb584b0a4ac3bb85d9a58e051eb
96bc31dad93511cb788799c0fad76aaf3b9fc5855bf59a246b9e376958522404
9738a0d5d5b16f3c05a2c0fdc11b4f71f8205343c8c338c34d406e3e4b9494fc
97f959798bebcee131074d0992a0e328610d03b24e4039bae89f1e5c4cd57ad2
990cb8ca8afe9ba007c99216f8967e78141d4e437dbaabcd70891e9a748b550c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab60963d0ac1ca9614cee490ac32ee2cacbde345ec2ca72394eec18a9790f30
9ad91a116f1a4bd32e4f79b4b607917c945969016da101b858047ed383265be8
9b04c768886d0bd0169a22e9d9084cf66dc8879babe4c44e61541940ded24061
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
9c1f1474a720085891d7248c3395a8bfd6d4511292badee903c58988d75b25c2
9c4825e1f0de44c1e759b1366812b97c7201dd05a3675ebf13a56cc68e459297
9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a
9dede4ed705f42e8b4dfec0c4932132d7e0bd215cbd591db77566176de24c935
9e3bec87a4c2eb93f4210bcea42823841bcbe3411d31ce537bfa167490310e45
9eea7430274ec6dcd58f552796c948c9106b5536075c27c6d9e8b63251b585b9
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9f9fdc45160ea2d2404d46ef98b6fc9c528d71d907143bff176c66e73154f813
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1561c6f5591ad7e9d5fb7e18a4ee871f96b1f619dd6223f89f97bf6d9fdd11e
a2d1dc8e30ef615f440cf031dc8089be1e1fc381fc7254d31e318a49da7fcb25
a32f1e4b5f872620dbbaf2c41fa087d389d8199599fecef2e1869008fb1acacb
a3c54f0c0b8b8df29ac78678fb430a86cc53b476f2176e517321867c6c5918f3
a471ddae49f2c1dccf0762ea65b46b932ec5c325bde777c8872faa7f8fc4be04
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e5ccbe7eb3dba987ca84215c2c48a249f292c325126246f1151bb2cf104d81
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5f5f57fc02aee76f46835608dbc7438b3085c75dba304ceff2b689f851cf57c
a68bf3df251c0cc831172da22fe841ceec129420895dc190f92fa831120ed68e
a68d21b51ca94f5e2dc531b744fb1179a40938742f329a9058355f421ec326fe
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a941be2318d79441ad1a966e6720e8129624611ee13198f78f7c2e59dbb2668b
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab177098c8c57fab5c6bc3b5dde2aea18d459ff6c09f94cbdaf1974bb077dcc5
ab4c1348dc14f71f64eae26be8a0a449ec3d3a30ab5c239250beacb4057b0a3e
ab6b2c6c46d0928ca186f28567dc85e2daf2549309a8ec100d995163a39baa82
ac1a913dcc95f175e5e87c6c6e6020e918ef043f58667137728b83bdb3d78496
ac1e6d15b63403700f2748b80b53df9534307d7f02314259554cd32745c4b03b
ac3dbc6414fd9d3e182e8f953bd05c42e9bec67ca7a4531258a1c248cd490c54
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
af8fafb5f486021de43b1191f32384766ab582ce9a7c99c1cd858ee4eb2b3929
afc2ddf71398f10c6e954b930e5796908b7d21b413479c7b36041b56166360be
b02a3233f069f3f0ccfd31f2021073f91e74b438c7b69d201dd5c1719557f321
b131516083f6add1652d6ebb5cf97196be310495af826c8e918dc097cad30e9f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2732f593e4de0876048948d71b5c75f140349eaed97c3d2b15a25fa74863058
b51276fc26e61dc3f1c1c214e50842bb2bfda57f4cce642a68bf35e3bbaec873
b85afa6f91e4f03206530c904c3b54dd48f48e7ad8dae47c94407bdeceecfc85
b877fde61a153acb78eed8b98b72a4a111516a412c9bca9e26c184f813c579d9
b9e5d5aae62603ad35dbe94e6d5e4f0b45a25d808b7ff441dd3cbedf7cae7447
ba85ff98bcc93beb0bb5c716df720cf3317f7e98c1a16e86e2ff4bcdd0ff4943
bb19bb9149fcaf72e350cee625ac1eea6d70276c9f83f8eb39850d74e3b7d6f6
c0bdfbdcf9fe9d86027b45554cbbac93e4eed2489339f42458114a8526a0f7ca
c0d027354b59c47e066b7d49c1b0abd4618599e7b2c33e208cac2c3c528e657a
c0df9644fc554ea37a2caaabc7133a0e2a3c8d286a07c7bf2a35279c7737abee
c18c3ac14abfeaea46a62fa4aa12da3856128fe532df746dbb51ae2274632bb1
c1b1cb3e418c03fbeee30fb3e5163b6ebe32907a96902a4d3ea74e32e62568c8
c26f85b1b1e6e038f57a3d279af55d9a11da30f2c00145eb1306711bf83c02f6
c3336b531b43df9766a9f6c8fabc32760041092f1314e62fe73cd43a555b2a3f
c3608675638c9ef92ebfd5f2a24dd34efad9106d33848bf8c7a5098ad753ef73
c4e28f457f2dcddef9f1bf5b8aca5edc7ac8c0096d5dd54e5c73fc29e88dfea6
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c655b707a7b61514986075729a9d2e9d4bb044223d3082f9f51a7475f26cdc92
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caae3cca7abf35ee3a61a44711a2c704bf36bc779d05f29e728eced9c1950ab5
cbdcf9656492aabbcd71c91161347ec13a8746eca540028f0d1ed9f67a6a0c86
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd06ffdf5ccabb029d0dc8275bb48b4fc234350cbd7cb8de6cc348e8e47bfc59
cdea454724c45ad926434ca19806637461a5de4bcea8e092ddca7db571dc3a18
cf30a3f2905237af45d616d88af2bcea7390308953dd26e989245ba30a7e8a57
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08c29eb10a5de321110a8a3e205c4efe9b6f945095ffd9447c8bb244d8cfe47
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d107f6d68bde32443f37acac01340dae9b6b3fa25a659e8a9c7b14ba59100c43
d449ef74d93fc655ec8d9192b3ffabf958ccddb71ec21eda51223847604c9f85
d45d9f1dcb2353314dd631427acf5dd50dc3f882b756b241f6ef020d7dab56c8
d52e181f46fce3de01823cc23c23bad4016aba88ad12b4bba4841cfd12fad7c5
d63b5fc0e557e90265b6bbeb1df0ff666385c40169707201a04a256bfdecfcc9
d650d273ab2758ec8e5ca78360baccad44604096bfaa86d65226fe5110f72a6b
d7aa3e1561a21f8f99bd2d40785d7dbeee3f050bb44b8342c6e909d18c7e040f
d82652907e4bac8318c0fa574645fda913602cb39063afe12947539f28073bf6
d8b54f2c2be94ca69c7a4ec766f86768965b5e0b36e1ae656ae0b4bbdb5556b7
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
d9c0c3e85c6295e5353777a2989538dba3911ed55b196cfe4e6681c90f85335c
da493df9f8dc6a697f2dccf4cc64e5d5edd5445ea7033c0364f492848c195095
dbbb2a85b7f3c8d775693dd2b0c69b1a17c392cef4cb2de79fa49a6e34006cc0
dbbcc3404a14ef4afcd6e8e000bc56d8b172229935ca87f168ddee8e1d52ab6b
dbbe17ffa2c6ecf7f51928c8c7b16a626d543fadbde1c956104eeaa892a861a8
dd42860af2e0ef10161df8c08a1f5737c84cc8f5adc3c6ae3b5064aedb44756e
ddb3b6753bf45cd5cad7bbfd0a96324df6b10f9cf120af9cf9b6e438554d760b
dddb3ff9a5f20ee6aebe49a54e13016ad162e9f85c9d81bd6a9928b13bbbcced
de6aabd05e136b52786e1b8ece30d55262bf7c350dc629ae04b3c1c98fbec897
e165a8287ac6e993976e0f981ce0196e76bd28cc4daaabcb96a19cfe50629e3e
e2099d9a6c5aed5ace5b7d205d9c6c5132d9f520ddeb0c3f1023b28a162c60e2
e26835a66c5516ff343c5116b865a946d5407dff82a5c95656f32aaf7e924cad
e28bcfefad2c0f3f491619132330d80cd2d4b2e138d947cc93c673a326e70b1f
e2f02f34765f57754e2503f10d7f8936a759abe34b4c087f163ccee94597989e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a810324bd2222c6e525e48401b464b092c0dac0456efe3cc5e639381fe3b4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59498ff950418bc1fd339aa191bafb81a74ec94d640c8b45940e44ee9051aa4
e6c7a911b2262af474cb07fc64861a1fca560c349f579267602793a29def7e7f
e97e4e1a626109cc68dd6c4d590bb9af6f32522664224e559e4f2e48d9c4da53
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ea3b3fccc80ec2367900c7b7fff7162a7ba2bff793b31df137ac8bfe1826a7e0
eab6b8c67945339511ff5442c57fe03baad799d5a1d84869f3d6ea0940218698
ebc9499a1fa1277f95c8184e0fbd2260f08cdd5a45e190d93e9f1de44cc2d35a
ec3289528024c6e4b3d826fa20b6120957d8552e0d571eb5f887a8d5c6e0ac7c
eca7a48aa1a6739bb52bed5ce61569defc7046fb423f13c59c4c08f3fc88801a
ecfb8b0439da5fdccf9c2256c0ee89ab13534176f55f2f5553037296960cee0c
ed3d1a7f0e374a479fd9106f6b32ce6062baac77315d4729e3e2c55423ad28c2
ee51d26c7d5202ff8fffbe414d47fcd1fe2fb4fd122e5317a4bf6a8e91c0ab9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f047a9a5ca8bd3fe966db9c0ea77e9a6f88b01f2459a4de20c68197acf8fa2a6
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
f1c25e7ed8c03d85775b93446de73363ffc1f9728c7e0de99c23b22026da6b74
f211920e487e13d5da9be008dda9ff4ef8ffbb3938e005ed9549b9785927c9e6
f253fa048070f1f47eff2149483d2cb29fede1f62ce3ecfc8625015e70cd21ba
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f71a2212eabcd2e75afe61c0fb04dd593b8ffdf48989c40877c30d7fdd54f25a
f89afa533ee24b3e3e335bc5c0660e1c89d95e0fa11beca8da9fc8862a221ef4
fa32821ae212517f6eb39130dee267c7279ec94f30a8c2ef52f4b1f1b4d32dad
fbc515b629dbcf59fbbe5d5a19016e5bce25803005c3c4d2d5ba09ae52656c1f
ff459cc4f65a1b4774974da03bd11495e146ae25d0589693cb0149cd71bbc352

dynamo.kiev.ua Open in urlscan Pro 195.206.238.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

624 Requests

91 %HTTPS

0 %IPv6

72 Domains

104 Subdomains

69 IPs

12 Countries

8044 kBTransfer

13813 kBSize

82 Cookies

16 Outgoing links

Redirected requests

624 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

dynamo.kiev.ua Open in urlscan Pro
195.206.238.20 Public Scan

Screenshot
Live screenshot

Full Image

624
Requests

91 %
HTTPS

0 %
IPv6

72
Domains

104
Subdomains

69
IPs

12
Countries

8044 kB
Transfer

13813 kB
Size

82
Cookies

624 HTTP transactions
9 data transactions