www.gismeteo.ua Open in urlscan Pro
193.16.47.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gismeteo.ua/
Effective URL:
https://www.gismeteo.ua/ua/
Submission: On August 11 via api (August 11th 2022, 2:01:33 am UTC) from GB — Scanned from GB

Summary HTTP 240 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 79 IPs in 15 countries across 57 domains to perform 240 HTTP transactions. The main IP is 193.16.47.244, located in Krakow, Poland and belongs to WNET, US. The main domain is www.gismeteo.ua. The Cisco Umbrella rank of the primary domain is 280255.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 4th 2022. Valid for: a year.

This is the only time www.gismeteo.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	193.16.47.244 193.16.47.244	1820 (WNET) (WNET)
19	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 6	79.137.68.72 79.137.68.72	16276 (OVH) (OVH)
2	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:8b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
1	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
3	178.32.210.227 178.32.210.227	16276 (OVH) (OVH)
2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1 4	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.19.54.25 52.19.54.25	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
11	34.243.93.43 34.243.93.43	16509 (AMAZON-02) (AMAZON-02)
1	185.170.60.101 185.170.60.101	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:bc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7781:b014:6cd:344c:1dbf	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	3.120.3.232 3.120.3.232	16509 (AMAZON-02) (AMAZON-02)
2 4	47.252.78.131 47.252.78.131	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 1	176.122.21.131 176.122.21.131	48096 (ITGRAD) (ITGRAD)
1	88.212.252.22 88.212.252.22	39134 (UNITEDNET) (UNITEDNET)
2 2	193.232.150.70 193.232.150.70	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	195.201.152.104 195.201.152.104	24940 (HETZNER-AS) (HETZNER-AS)
1	151.236.118.210 151.236.118.210	204720 (CDNETWORKS) (CDNETWORKS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:9ba9:76c9:a8da:3df	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.253.74.200 34.253.74.200	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1	2606:4700::68... 2606:4700::6812:d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 2	2a02:6b8::90 2a02:6b8::90	() ()
1 1	23.75.240.210 23.75.240.210	() ()
1	69.173.144.165 69.173.144.165	() ()
240	79

12 193.16.47.244 (Krakow, Poland) 2 redirects

ASN1820 (WNET, US)

gismeteo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gismeteo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.gismeteo.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rss-images.gismeteo.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 79.137.68.72 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ltx1.host.hit.gemius.pl

galt.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8b2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.32.210.227 (France)

ASN16276 (OVH, FR)
PTR: ip227.ip-178-32-210.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.196.115 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.54.25 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-54-25.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com

s.update.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.60.101 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a1170.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7781:b014:6cd:344c:1dbf (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (Beverwijk, Netherlands) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.3.232 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-3-232.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 47.252.78.131 (United States) 2 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.131 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.252.22 (Russian Federation)

ASN39134 (UNITEDNET, RU)

lbs-ru1.ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.70 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.104 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.104.152.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.196 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9ba9:76c9:a8da:3df (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.74.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (None, ) 1 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, )

ASN- ()

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	270 KB
24	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 bid.g.doubleclick.net — Cisco Umbrella Rank: 473 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	483 KB
21	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	405 KB
19	gismeteo.st static.gismeteo.st — Cisco Umbrella Rank: 163250 rss-images.gismeteo.st — Cisco Umbrella Rank: 165796	87 KB
17	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 eus.rubiconproject.com — Cisco Umbrella Rank: 588 pixel.rubiconproject.com — Cisco Umbrella Rank: 326 token.rubiconproject.com — Cisco Umbrella Rank: 707 secure-assets.rubiconproject.com pixel-eu.rubiconproject.com	26 KB
13	indexww.com s.update.indexww.com — Cisco Umbrella Rank: 13515 js-sec.indexww.com — Cisco Umbrella Rank: 592 cdn.indexww.com — Cisco Umbrella Rank: 1470	57 KB
12	gismeteo.ua 2 redirects gismeteo.ua — Cisco Umbrella Rank: 271048 www.gismeteo.ua — Cisco Umbrella Rank: 280255	119 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 801 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 538	99 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 560 a1170.casalemedia.com — Cisco Umbrella Rank: 545331 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453	15 KB
9	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264 s.amazon-adsystem.com — Cisco Umbrella Rank: 288	46 KB
9	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 41533 inv-nets.admixer.net — Cisco Umbrella Rank: 2584	141 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755 bidder.criteo.com — Cisco Umbrella Rank: 732	9 KB
7	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 acdn.adnxs.com — Cisco Umbrella Rank: 584 secure.adnxs.com — Cisco Umbrella Rank: 462	32 KB
7	gemius.pl 1 redirects galt.hit.gemius.pl — Cisco Umbrella Rank: 127134 ls.hit.gemius.pl — Cisco Umbrella Rank: 12163	35 KB
6	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2045 lbs-ru1.ads.betweendigital.com — Cisco Umbrella Rank: 27178 cache.betweendigital.com — Cisco Umbrella Rank: 19295	5 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
4	clientgear.com 2 redirects event.clientgear.com — Cisco Umbrella Rank: 1960	836 B
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	158 KB
3	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 2975	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	793 B
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518 ads.pubmatic.com — Cisco Umbrella Rank: 496 image6.pubmatic.com — Cisco Umbrella Rank: 636	14 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1522	1011 B
3	openx.net setupad-d.openx.net — Cisco Umbrella Rank: 48859 u.openx.net — Cisco Umbrella Rank: 719 rtb.openx.net — Cisco Umbrella Rank: 1516	821 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	yandex.ru 1 redirects an.yandex.ru	668 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13782	1 KB
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1344	850 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 623	645 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 12517	823 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 550	1 KB
2	gstatic.com p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com	3 KB
2	setupad.com node.setupad.com — Cisco Umbrella Rank: 40896	417 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	57 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3659 cm.adform.net — Cisco Umbrella Rank: 1657	594 B
2	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5331 sync.adtelligent.com — Cisco Umbrella Rank: 4266	2 KB
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 40208	1 KB
2	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 158830	24 KB
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 903	44 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 188
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 611	98 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	982 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 361	921 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 14899	69 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 22988	335 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 679	277 B
1	tynt.com ic.tynt.com — Cisco Umbrella Rank: 4348
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 929	395 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	22 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	10 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8117	792 B
1	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 7111	2 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951	177 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	622 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 443444	168 B
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 43239	116 KB
0	tns-counter.ru Failed www.tns-counter.ru Failed
240	57

	Domain	Requested by
21	s0.2mdn.net	www.gismeteo.ua s0.2mdn.net
17	pagead2.googlesyndication.com	www.gismeteo.ua securepubads.g.doubleclick.net 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com cdn.jsdelivr.net tpc.googlesyndication.com fw.adsafeprotected.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
11	s.update.indexww.com	cdn.jsdelivr.net s.update.indexww.com
11	rss-images.gismeteo.st	www.gismeteo.ua
11	www.gismeteo.ua	1 redirects www.gismeteo.ua
8	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
8	static.gismeteo.st	www.gismeteo.ua
7	dt.adsafeprotected.com	9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
7	googleads.g.doubleclick.net	9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com www.gismeteo.ua cdn.jsdelivr.net googleads.g.doubleclick.net
6	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
6	galt.hit.gemius.pl	1 redirects www.gismeteo.ua galt.hit.gemius.pl
5	ib.adnxs.com	1 redirects stpd.cloud googleads.g.doubleclick.net acdn.adnxs.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
5	cdn.admixer.net	www.gismeteo.ua cdn.admixer.net
4	token.rubiconproject.com	4 redirects
4	event.clientgear.com	2 redirects ads.betweendigital.com
4	x.bidswitch.net	4 redirects
4	pixel.rubiconproject.com	1 redirects
4	eus.rubiconproject.com	stpd.cloud eus.rubiconproject.com cache.betweendigital.com
4	www.google.com	1 redirects 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	ads.betweendigital.com	1 redirects stpd.cloud ads.betweendigital.com
4	inv-nets.admixer.net	stpd.cloud
4	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
4	gum.criteo.com	2 redirects static.criteo.net
4	www.googletagservices.com	www.gismeteo.ua 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	sync.bumlam.com	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	match.adsrvr.org	ssum-sec.casalemedia.com
3	9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fastlane.rubiconproject.com	stpd.cloud
3	prg.smartadserver.com	stpd.cloud
3	mug.criteo.com
3	www.google-analytics.com	www.gismeteo.ua www.google-analytics.com
2	an.yandex.ru	1 redirects
2	x01.aidata.io	2 redirects
2	gu.dyntrk.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	px.adhigh.net	2 redirects
2	sync.1rx.io	2 redirects
2	googleads4.g.doubleclick.net	www.gismeteo.ua
2	p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com
2	node.setupad.com	stpd.cloud
2	fw.adsafeprotected.com	1 redirects 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
2	static.criteo.net	stpd.cloud static.criteo.net
2	prebid-stag.setupad.net	stpd.cloud
2	s.znctrack.net	www.gismeteo.ua
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	id.rlcdn.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cache.betweendigital.com	ads.betweendigital.com
1	sync.dmp.otm-r.com	ads.betweendigital.com
1	lbs-ru1.ads.betweendigital.com	ads.betweendigital.com
1	ads.adlook.me	1 redirects
1	ap.lijit.com
1	cm.adform.net
1	rtb.openx.net
1	ic.tynt.com	stpd.cloud
1	ads.pubmatic.com	stpd.cloud
1	js-sec.indexww.com	stpd.cloud
1	acdn.adnxs.com	stpd.cloud
1	sync.adtelligent.com	stpd.cloud
1	csync.loopme.me	1 redirects
1	u.openx.net	stpd.cloud
1	cdnjs.cloudflare.com	www.gismeteo.ua
1	static.adsafeprotected.com	9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
1	a1170.casalemedia.com	cdn.jsdelivr.net
1	cdn.jsdelivr.net	9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	adx.adform.net	stpd.cloud
1	hbopenbid.pubmatic.com	stpd.cloud
1	htlb.casalemedia.com	stpd.cloud
1	rtb.adxpremium.services	stpd.cloud
1	setupad-d.openx.net	stpd.cloud
1	ghb.adtelligent.com	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	id5-sync.com	stpd.cloud
1	loadercdn.net	www.gismeteo.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	galt.hit.gemius.pl
1	stpd.cloud	www.gismeteo.ua
1	gismeteo.ua	1 redirects
0	www.tns-counter.ru Failed
240	95

This site contains links to these domains. Also see Links.

Domain
news-ua.commerce.ua

Subject Issuer	Validity	Valid
*.gismeteo.ua AlphaSSL CA - SHA256 - G2	`2022-02-04` - `2023-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-16` - `2023-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.stpd.cloud E1	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-09-05`	a year	crt.sh
loadercdn.net R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
node.setupad.com R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
update.indexww.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-01-15` - `2023-01-13`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.gismeteo.ua/ua/
Frame ID: 5A2B9CA9FADBFC52DB276D696E7B97EF
Requests: 92 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: B0F49643EDE5A3144094069A9F4CF4C3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: DE0BBB75541A6261A3147085B2A283D9
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: B6F7D8862EFE72909BFF575F547624AF
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 326AB35BDE7D0C06ACF8AF6C3F01DA52
Requests: 4 HTTP requests in this frame

Frame: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 173342E465B285166F6EFB9038C25F28
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gismeteo.ua
Frame ID: D2CEF5E3049A4353C59606D04E8EACD0
Requests: 2 HTTP requests in this frame

Frame: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B46DDFEC91CF9A7DBA44F07F10ECC87
Requests: 8 HTTP requests in this frame

Frame: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 04A7AF655D310ED4EF85E0807E9962B9
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNXAxNBXo8U6GoGww4McyN0iMaRDdcEj64qQbnO4-3N1Z-C1cWy4iOJQJEHc0wf1mQlRPzDXGAnOypmc_CHMY4TTjajhJdMp-fAyy4anIY7Zaznl7W339d3yHt9w2PSRfdgpomEOTdTWb3DguApR_6oc2_utSJL4p6ZO3DV5FctSk5JGqLg
Frame ID: 292D1CF04E1775669BCFD816A01C740E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=679892651&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://www.gismeteo.ua/ua/&sub_client=bidder-657865&hl=en&aceid=MPlVNAFFWzQBkWA0AflwNAEQdTQBqHU0AcB1NAENeDQBm3g0AfR6NAGcezQBvHs0Ael7NAHsezQBB3w0ARx8NAErfDQBLXw0AS58NAE-fDQBRXw0AVF8NAFSfDQBWXw0AVt8NAFefDQBX3w0AWF8NAFufDQBenw0AX18NAGBfDQBgnw0AYV8NAGPfDQBnnw0Aa98NAG0fDQBt3w0AeprQQFLc0EBU3NBATnIXAInQqoCKEKqAvB2qgLnd6oCgJuqAoGbqgKCm6oCXqCqAqKoqgK4sKoCJrOqAre9qgJ_zaoC3duqAlXeqgLF46oCoOWqAqnoqgJd6aoCFuqqAg_xqgJx8aoCOfKqAnTyqgLz9aoCQ_iqAiX7qgJC-6oCbf-qAuwAqwKkAasCgQOrAvYFqwIkBqsCcwarAv0JqwJJDKsCTQyrArsMqwLTEKsC_hCrAsUTqwKNFasCaRarAh4XqwIuF6sCoBqrAhUbqwJDG6sCfRyrAvYcqwIGHasCHR2rAuseqwICH6sChh-rAqIfqwKvH6sCyh-rAkcgqwKgIKsCwiCrAkYhqwJ4IasCnyGrAr0hqwLhIasCQiOrAqEkqwLWJKsCQyarAnsnqwLMJ6sC4rPFBfBC3AlEb6YPX5z7EsvZ-xJQ6_sSlPb7EjL7-xLnAPwScQH8Epi5UROCLkIU-FZrGg&awbid_c=AKAmf-DKPpBa3eo59DO_EvUUyOu0UNeYy63N87nI9KIvc8ncbRw1MoJm4kGt455KxRiTCepmZnthOBRqKsaXEvUsT6wYccZ2UbG9m92J6XQ1aH82V-Qsgzdd_XGZhcGpilUOlcv7UVDoMn0ptBjD1MOFUJhEOh-9PxUbt0RIoPWVF3pLTdcOjrg&awbid_d=AKAmf-DW1OXVplqOrARtD98uhtSSJvDELHhVKSe1S65S1lz3yj7btJ8ok_rR55l2m2z7ETGoGMhU52E9OoXcgJH_iKYCdfAD0gis4MSVTT-PrGsnzipr5EMarn9Vrd92u7ATLFyrXIB57zMspg6goL8Z9ifeRqNi2dBUOhwTujkB8senIUnvwz_sFlPZg1E11gdEE_u5rB4FIRVaH5zbjh5WoF7WrA7A3ANLf-P9KlAukaedQ0yYRZXBsmHscOfm4ydj_5XWNQi1JpznktSL11Th7uo5ZV7asWTPcW1ELBnsxMNxYU2IGZra5Aryc_MzVcbAhcu4hSlhMUZ006y32kPL2Q8na8UdxNE1193hwuFWRI-aq0miF3ktE3dLpt1vEIEckiLAAcwRZANAB-KaGZDZh1Hzb7EG2Mpi0QR5HQC8XaRqFUQdhtC8yk0OPn9fIdHoZpA4mwLlHcb9oAQy64iA0tGdIbm4wPHZPDl6nnQao_y-rDYAqsjtZFE2ubT9Ka04SiKCoWUImSYn-CwkAnnG1dpJPpHy72KLdaEcND-1uWV0nXPGAYAWuA24YTmH_8AHtguN02KUujZ0r3Jc0YaTcG0auWcN6YQWWaoMvphlvEl4ac8N-2e190WXMamwsXuSzMN-Eh0rIw63uB8XAcLt8CGVfOtWgXRstbaoRGTmuRSl1W7CZ_6EhjfKb8HDv8RBmSgrrmPv&cid=CAASBORo0Yg&exk=2121067367&rfl=https%3A%2F%2Fwww.gismeteo.ua%2F&a_pr=13:YvRi9wAAAAAVmck2pahUnWFzULBJOPxk0ASiyQ
Frame ID: 073DD5172355B2C39878E3125788C3DB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 2806B5889FAAC29A5BE7BAC076BBB69B
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4D1A724FD515789FC5D746A7EF98A660
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 771C0180E5D2BD561B3A67DB1BD672D1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A7E8AE5EFB29E11E1BA624A8D40585D4
Requests: 2 HTTP requests in this frame

Frame: https://p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 0FE3D797886961186FE9C9B3E4F79567
Requests: 2 HTTP requests in this frame

Frame: blob://https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/8eea804c-2e52-4ee5-9d84-34e9a61c4833
Frame ID: 5E4FB5BC4D4FCB25F41C205A3E887B5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js
Frame ID: 0C92F73E40C02DA3F29C7FA3D9C1CA5B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
Frame ID: 9E048966E97D3B11BC46D72E91695072
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9FEF59FBC091F8134807A8F474549505
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 085A4365EA75C38AAB930864819CF841
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js
Frame ID: 0ED4390825365AB9D1CEDDFFC8C2ECFB
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B74C4A8803DDDA9643085ECDD406BE41
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=f3f9d49f-f295-4dd3-a4e4-c4f186bc4fd8
Frame ID: 373CEC59EA372FB5F1ED40E8E15053F9
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 0BC8B069D06EF558B4C4AE29A2E88A7C
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 352D4234A441B52CE0D03D4E13233695
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A2673AA2E96209B57E2FD9E2F6DA4A12
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 03A3AAC569C67BBD0194BE6D842F4FF7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 507D2E890B02503551F92ABAC351A1E3
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 3CC9E2DFB04E191C2A100021B7C97230
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=c4a0dfa7-98f9-52df-b513-cba0d7e7a957&CACHEBUSTER=234316
Frame ID: 3C74465434237AB14EA483F96D2DC24F
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 98EB85646B1373C2801476E0E99B1751
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 55E5B37D9A9D980D9B10891C47A49B5E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GISMETEO: Погода в Україні, прогноз погоди на сьогодні, завтра, 3 дні, вихідні, тиждень, 10 днів, місяць.

Page URL History Show full URLs

http://gismeteo.ua/ HTTP 301
https://www.gismeteo.ua/ HTTP 302
https://www.gismeteo.ua/ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

240
Requests

89 %
HTTPS

31 %
IPv6

57
Domains

95
Subdomains

79
IPs

15
Countries

2251 kB
Transfer

5710 kB
Size

61
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://news-ua.commerce.ua/feed/?click=MTg4NTEzfGJhOWE4ZDMyZDE2YTg1ZjIyYzkyOGI5N2VjMDAwYmY0
Title: Маковія, Яблучний та Хлібний Спаси 2022: коли відзначимо і що треба встигнути зробити

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTg4NTQ0fDdkMzcxNWY5ZGE1ZWVjMTMxYjRiYzEzNmIzNGE0MTU5
Title: Що буде з мoбілізацією в Україні після 23 серпня

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTc4Mzk3fDRlNjRjMzlmNjBhZjRmN2E3YTcxOTAyOWE2NDBkYmE0
Title: "Буде не 40, а 120". Який курс валют чекає на українців?

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTgwNjQ3fDU5M2RiZmZjNmQwYjljNTQ4ODUzMGQzNDU1ZWVjMGFm
Title: АТБ закриває всі свої магазини

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTg4NTQxfDA3MDI5M2FiYWQwMTkxZDE0NmRjNTk0ZWFkM2YyN2Yw
Title: В Україні оголошено штормове попередження (карта)

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTg4MjE5fGMwZDBmYzdiYWI2OGJkNGY4OTc4YmZkZTVjNDU2YWE2
Title: Подоляк озвучив нові цифри щoдо втрат ЗCУ: подробиці

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTg4NDMyfGNkYjRjYmM2ZDY4Mjc3NDUwNTkyYzFlMDNmM2NiYmJi
Title: Вже другий банк визнали банкрутом в Україні

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTc5MDMwfDZkNmQ5NWQwZjZkY2RlMmRjZjc3OGVjODQzNzQ2Y2Fi
Title: Коли завершиться вiйна: пpогноз від генeрала Марченка

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTg4NTA4fGZlOTYzNjU1YmEyNDhmNWNhYTNhMWM5YzNkZGY3Mzcx
Title: В Україні подешевшала гречка: де зараз вигідно купувати

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTc5NjE5fDc0YzViYTkwNjlkMWM1NTIxMjlkMjYxMTAzZDAzMDYz
Title: Аcтролог попeредила про cерйозну небезпеку та cмерті у пoвню

Search URL Search Domain Scan URL

URL: http://news-ua.commerce.ua/feed/?click=MTg4NDk3fGQyZWJhZDVkMjJiMTE2ZjUwYzhmYzI3YzRjZWI2NTNi
Title: Володимир Остапчук повідомив про смeрть близької людини

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gismeteo.ua/ HTTP 301
https://www.gismeteo.ua/ HTTP 302
https://www.gismeteo.ua/ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://galt.hit.gemius.pl/_1660183287042/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9TVmJOByXzlEmDxDqtwjy6bbIQ7fnBrq_xm5IABV2vj.q7FLvX5J_k8DdoyJDHWwyRm4STGsz4BZXUHtoCtqKiw_0F2O/_guxMJSCobTwv/&ltime=267&fpdata=-TURNEDOFF HTTP 301
https://galt.hit.gemius.pl/__/_1660183287042/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9TVmJOByXzlEmDxDqtwjy6bbIQ7fnBrq_xm5IABV2vj.q7FLvX5J_k8DdoyJDHWwyRm4STGsz4BZXUHtoCtqKiw_0F2O/_guxMJSCobTwv/&ltime=267&fpdata=-TURNEDOFF

Request Chain 48

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=r0Kg1nxldHVCRHFSaVdNb2dBR291TVNnalVLMUdtNmlIajlRU1ludUpZRjNVcWJSbTVGMG5VODl6ZXphbjVHRDVYbStrR3lCRzZoUSs2Mk12OTlNeGlxS0ExS1FNc2s4WENualJaTCtvWms5SkNCd21FVzRBZ1dFNWdaMEhIVWgzWVBJand2MjlxeWdUNDdJSXFUQ0E3ZDdWb2JoTVlDdThOTExiNFYvNFYvT2h6N0FnRTUvMWFuUExWeXZYZEdzREZGTTFzd2l3ZkFKbjhqZklKOGJxVklIUEtWT1E5Zi9vK1l4MHRjbDBoaXhSQTA4PXw&cppv=2

Request Chain 94

https://gum.criteo.com/sid/json?origin=publishertag&domain=gismeteo.ua&sn=ChromeSyncframe&so=3&topUrl=www.gismeteo.ua&bundle=6ygLil9wR1lzcGRJSDJtTVZNM0YxNHFIVWtpS2xQdzg1bWt6MTBMeTlxTDhuekVGaXJ5T3BYc2FPVVRSTDE3Y0RBZGlxdjNOd3B1VHNQZm1KNEMydEJkVzJIall3MkJhbmthRCUyRlBOam94MUFmUXN5UllrM3RHV2tQamxTV0E5S3NjdE9s&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-GOGQHxKRFFqNVpsMUhiSzg1Rkh4Vzc0R0RuNE9ZRmwyY2xybVpDdHRwNGVYRjVUb0FCaUtnbGpDOGdmTWFodHlMOU5SOVVVbVRqYTREVHJIMHhheDJYUmI4VnR3MFFzV0RKUVQ5RnlKMnhCUDI5aUl3ejdYdzRIMFdVeWkreHorR1lHMDZvbkZZU0hLY2FwQ1Z6N0twcVc2VGx4RHRWK1BBU0V6SUo5enZqNnpKS0YwZUgvYitqOUNIVXhGSU5XYUZ0b052Smh1Q09IcVJKS0Q3ZjFpTURaNkphWE1vK0t2QkgyWklRZEtPSUpjZzJJTXJ4ZUsxQkJyb2MzZ0l6QU00MkFySXlTWVZuUHJlWnZJOXgwOUNocWh1dz09fA&cppv=2

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH_jjOIFX_tzDxQmrRHHlE&google_cver=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvRi.Q80HdQ1jKe6AkuqqAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSzRAQjUAaCFhThoBtZdZU&google_cver=1&google_hm=2

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2Zr3w2kPAHvUf-g1ggnLE&google_cver=1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2NTQxNDU2NTIxODU5MTI1Nw%3D%3D

Request Chain 121

https://fw.adsafeprotected.com/rfw/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iBN1PX-XQbhvrdsHsx-XE5_o9POcmzukwsahe1tDPbGQ5xSZCbhSohHRV8DXOMTgGwm2lsxJYsMKBzaYxvedDdfR_7NbEKTqjCI_w7iEqkVAKAmf-DQUZp1M6LbqRSk7IRcxb1Z69gY8FZhh_cWSUa2bTI7YO0RBUG4IFaI_cC6d7_OtrWQw_axSyDjAyGzAU0o2wtKmtfGGml8mEYzOt-hwbz6ZEwW7O4qFsHi7i1hxqVl6_2n41ihdsH565yKTSQE2WxnyN2_F9er3-NLF5rtJB_Tsq251ZdPGlWxoSot03JdVYlVCY7ErUn5vxgcxjKj0GmZiQaupt8mRQNdZIMKqixcv2R3xFIZbZjZiZ_SZuQWvDRyCsNHQaQzkjI-g1pdec70VTgiwSwUCIRwkBVt7hFbN0zDCu7zoAVuQvg5BAodYfLqkMzN8yZ8xoCtjM87OrZeVuuOwxL9IoOsl6x2ZH5A5EAI1qG56orVNVL1DTJ4P5PNCykUnONj7qiaLzTQWawI-rlJQmT3xYzWlXF5D_DkxjBdOhobyn8tElGIYOTxRIRDa6F0-m3NjjbiTORCG2VnoCk10PenZRlXO-sZDa0_cz5OxGMpdvmnQ9gnm8OvnJ5ZvaLRa35cJjrSWyTdQqEbncCFk3Jn2j3tknbUQyi8Z4584wWU2QfsJm8IuIf1fxvaDp0mLKscgcAMEhuE85gPT3rzVxQqbT2pqwxJMRcv77XT2Rud6Lb0uXSJWwc8PVEQLvKX2vVsNkRfWXNIrrthIenS10L2qay3PfEentlnAvx2eQf9Fz5oVPnoOOh_1p-rQhCbU7gR0ZVatw1bg2Z-ZwuF7J8vpG0fl8skUsp6R9CfHad8b3ofQ7-MhI6bqdZoWVLc8WRpsvB8LKKJd4wiixsP8oYNxcAEtoOAVzpkNdtXZBmGbsIkbEJuEZDI-oCEcIjNb5DEH6o_V53BvHQ_w83eWUOaNuZaT_pQNcTdRvL0xgOqh_d03quV0qUpZOZ2drId9fxozWbQeKhi85A11VC3dL34uBUu9-GgMvNK_AdlOXBCRYghpK-KmkAfmcAIB7ef5Nk5782sfVx6cSBVIa2cHvo6l1CAZAdWQwFLJuPYAZMuBBH7tux9j51tzw53FqS6Nb96UoKVq4MRQHMcfLKOq1KY4nX1kpyw4enTr_5rpFOeKi_j3eOm4TTRHz2-b7VbbF1M79kQlJmmuYtwBfyePgwgWi_oVu_kaGzH6BwnfNZ1vpGasVM552cBV6IXvM6ahALtOS1j3APgvWHiMGCBqlSyjBSaNeuxYzvcfjV9qHMs7isNnncNqz9A61AyjtuKRzo-Dml5TaIWsrO7f4Y1BFx8FdrMkrLiCe2KdTpXu__DZChKMvbTRwYYra-ll1tbd7R1sE4vk21gvMAbF7yUniWyROJqHEoEEFLaKCse0zJVumyHb4aduHQ-iAJNMfrOxclW_bNh398RbbBIYu9S5ns30-2XkxAj3Vp7ZG8QObpg-gy0Vcc404GYFs-xORj6aqhhkrC0_6szh0PMcswvfVd0aOpEFKgsDXn6pCMlyYRZiLX_0cZFc-KPqjF-jSbSYA07lGFP30Pyc-0AQscFk3_aCCSOlCkbwKfWpjUzi5kWURAei1IXVfnEp-Y0pGTR01mnCqMLk2a60-cXCx2nZ69y78b1HpfuuK7eb2CKDKx7CtY7scR2tvBaOMj2EdtZGEFv00ZyRZxn6L4PpV8fLx9TstHWVy3qwsGpPQELFnhor31aACwxlzawKjK0skmQcEY4KmPsqHqyuFb_-oHjKliMo44zoJx_C_yW6T75A2ilFN4D9J0-jq4yFKb54Tp5scJSLdo0JW2W5l4g4quc5BkPNj3dGFWWWL3_iJo3UFhNUHfsMC4HtyJAi42hfgRgQYMH9AuZiSxWxlGrT9KWMY1FaBdjWrhCBE9njZ9PFbjVP-NpantshS3mslMWOxmnCfVsVYUDSXZfT0jvC5y2uXoIRDNvcYs95AI0UWDHcNvQAduws6YYB-GKMR2Eu0eV-qQFhPKU5PQui5A3xHr-zbkqt-qzHe9flNg-5s_AWSZc-z7y9z7_iJNjLIkf3HjqjqKuCtX5x16vdfl-66WdU2_8xPvG3jZlRgi_BSnh0x_6VTl5N2wggpA98WnHEF9c247pYfURQP_CnoXkEb-nGiyuxs5ggixXzbLQ60BEb8-eZzGrhyvGU_wyGDsyaqmD016VBan6CWndfFVoLQfkBoQczhbEBYs2cSeRkSV9j3cvUsWbdNMPfnt3UBySX3RqvbjhQ-sVHo3QKhdjDK0MWXmR-StDU30uUymB5_QbeUl5PbTlU1lg94YhwBNTFouxyaJ8X2uu1axovvgK92NGx0JG4ViNonyzIzXwoJMlnnymmPKaiTLZCnwkTIias3AFjp7cs7TAi6bX4PGuGCkYYRVQ_Y4qsog9Jb4pK1HbGAzFSaVD3Lwpn_4f_6qQJYsWLj5gzyIIuWS4KnxMOw1wOFwhFI6skN3uzqNPLA1zX7imZ70uVmvK4MCY7HwqQGHiL5mMQ2S8xu9kcdZhYg1lRGN65VyU4RNWzHS8PKA21UCtISQ7Uockcb2xOQpUhB5B0CwpNYSCGD9mTjMj7sPG_5zNtlx5Q5jdTjnMi01EYj_O2cMq8kfyO2vFvS3Mm9OJs_T8DOPbkJTR5te8MQxpCcsOlRthExj7LLpOBcMRXP135pHWox7rmHjd71RWXnmyoKFmCxUBaM9LNeClM88JsT-QNEgR7uv90wOezQu-w-gdt4c6V2S6FI2fo8vUM0Bs0jd8TvXdBqLjbMwXxkVFHF6LftXYCVf98lyQh2FUcD0qYFzksT7P2T7VSn2_XSUA0jjMAddCwi0HtQWLK3XI6H-DkNzGaz4riowhqYzSLeyrn5rp0tmQmE6C95clygmV3Pd5zdka0_gCv9K95N9k71fnINubAhU01Sw_8C_z5YV92AC14VhbINCn7a3A7Go6IASPIAoqjFHLDu_5eoieuqYEyiSOWXraugKiPupVXJ0f3WAVP0v9fXm1qi6b5tzsIaadjuiJ89mDbmEzc2eboo07VgjKPBfFTwk0nKvB34gKUM0aYVWCIiHq0VtsCK6q9SuSyIqLWjpLDEtcIDRu9qxSOsUBZ5WTkGKHhMyD3BbEpk0kK74jFCRueCaQLsGmfGsGg3GbnLHMxDOcaaN8XamUDMly9v5niFnrF0cEi5E1PuOrxAjE6bX-yTFs0meFV4DxKZIlMcJhn7VurAtxDAhJ24T_oLVWfgipJrPC0J3p6i6fG21qf9hW4y3cbXChT5oF5pjmIrURGGf69Odbn7tlDIEAINU4S9jEfXHyivwENRnc2LOh0EwEU1aiuwh11X73AGviXxsTvGT3Z8Ws5-cUOB2X4XJUuIlVziSyuDUGd8Zq9xhcnFiwxEeA4CR79eDyzdQPmL9W-1O1nonzjLFgr0dBiLmZe6NySh3ysA5D7pn2vDkGPk0BiCRtOKTbwjDo8_gKWvabnr0V3W155Tt7lcWFRyGZ-qPSGu5l4uw52Jwb_r3FyOI14w5XEXaPz4P8MMQ9HAcEpgriBjIjSkdpCZsr8yemTwUpS6hJ0T9rLqfEFl-8dl6RFAoMyLpKqKaRm4BM0ichiGUcl4dRGSf8i7gbIiJ7WY3xj395RMnoeS6Y10syCE6p_YWRo57lxGfxUWSTE0OlmPE8V5zy33DcTEBJHA-Cd9oBtsxwFg4aKwgAEifkaOUl5QKb3tWP4exloTJDsnWbHVKQV0xOTxbhyFgflgc738nowCJgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-0511822087518170&ias_chanId=1&ias_placementId=17668708710&bidurl=https://www.gismeteo.ua/ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ixX_j6L01_btP_fHWAn1Ow&adsafe_url=https%3A%2F%2Fwww.gismeteo.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6d6723ed-3165-6f92-dac2-30f92b069144,c:kWzgxL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8674f54cf9-qdcbj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:838ee41c-1919-11ed-9dfe-16f2308c05b6,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iBN1PX-XQbhvrdsHsx-XE5_o9POcmzukwsahe1tDPbGQ5xSZCbhSohHRV8DXOMTgGwm2lsxJYsMKBzaYxvedDdfR_7NbEKTqjCI_w7iEqkVAKAmf-DQUZp1M6LbqRSk7IRcxb1Z69gY8FZhh_cWSUa2bTI7YO0RBUG4IFaI_cC6d7_OtrWQw_axSyDjAyGzAU0o2wtKmtfGGml8mEYzOt-hwbz6ZEwW7O4qFsHi7i1hxqVl6_2n41ihdsH565yKTSQE2WxnyN2_F9er3-NLF5rtJB_Tsq251ZdPGlWxoSot03JdVYlVCY7ErUn5vxgcxjKj0GmZiQaupt8mRQNdZIMKqixcv2R3xFIZbZjZiZ_SZuQWvDRyCsNHQaQzkjI-g1pdec70VTgiwSwUCIRwkBVt7hFbN0zDCu7zoAVuQvg5BAodYfLqkMzN8yZ8xoCtjM87OrZeVuuOwxL9IoOsl6x2ZH5A5EAI1qG56orVNVL1DTJ4P5PNCykUnONj7qiaLzTQWawI-rlJQmT3xYzWlXF5D_DkxjBdOhobyn8tElGIYOTxRIRDa6F0-m3NjjbiTORCG2VnoCk10PenZRlXO-sZDa0_cz5OxGMpdvmnQ9gnm8OvnJ5ZvaLRa35cJjrSWyTdQqEbncCFk3Jn2j3tknbUQyi8Z4584wWU2QfsJm8IuIf1fxvaDp0mLKscgcAMEhuE85gPT3rzVxQqbT2pqwxJMRcv77XT2Rud6Lb0uXSJWwc8PVEQLvKX2vVsNkRfWXNIrrthIenS10L2qay3PfEentlnAvx2eQf9Fz5oVPnoOOh_1p-rQhCbU7gR0ZVatw1bg2Z-ZwuF7J8vpG0fl8skUsp6R9CfHad8b3ofQ7-MhI6bqdZoWVLc8WRpsvB8LKKJd4wiixsP8oYNxcAEtoOAVzpkNdtXZBmGbsIkbEJuEZDI-oCEcIjNb5DEH6o_V53BvHQ_w83eWUOaNuZaT_pQNcTdRvL0xgOqh_d03quV0qUpZOZ2drId9fxozWbQeKhi85A11VC3dL34uBUu9-GgMvNK_AdlOXBCRYghpK-KmkAfmcAIB7ef5Nk5782sfVx6cSBVIa2cHvo6l1CAZAdWQwFLJuPYAZMuBBH7tux9j51tzw53FqS6Nb96UoKVq4MRQHMcfLKOq1KY4nX1kpyw4enTr_5rpFOeKi_j3eOm4TTRHz2-b7VbbF1M79kQlJmmuYtwBfyePgwgWi_oVu_kaGzH6BwnfNZ1vpGasVM552cBV6IXvM6ahALtOS1j3APgvWHiMGCBqlSyjBSaNeuxYzvcfjV9qHMs7isNnncNqz9A61AyjtuKRzo-Dml5TaIWsrO7f4Y1BFx8FdrMkrLiCe2KdTpXu__DZChKMvbTRwYYra-ll1tbd7R1sE4vk21gvMAbF7yUniWyROJqHEoEEFLaKCse0zJVumyHb4aduHQ-iAJNMfrOxclW_bNh398RbbBIYu9S5ns30-2XkxAj3Vp7ZG8QObpg-gy0Vcc404GYFs-xORj6aqhhkrC0_6szh0PMcswvfVd0aOpEFKgsDXn6pCMlyYRZiLX_0cZFc-KPqjF-jSbSYA07lGFP30Pyc-0AQscFk3_aCCSOlCkbwKfWpjUzi5kWURAei1IXVfnEp-Y0pGTR01mnCqMLk2a60-cXCx2nZ69y78b1HpfuuK7eb2CKDKx7CtY7scR2tvBaOMj2EdtZGEFv00ZyRZxn6L4PpV8fLx9TstHWVy3qwsGpPQELFnhor31aACwxlzawKjK0skmQcEY4KmPsqHqyuFb_-oHjKliMo44zoJx_C_yW6T75A2ilFN4D9J0-jq4yFKb54Tp5scJSLdo0JW2W5l4g4quc5BkPNj3dGFWWWL3_iJo3UFhNUHfsMC4HtyJAi42hfgRgQYMH9AuZiSxWxlGrT9KWMY1FaBdjWrhCBE9njZ9PFbjVP-NpantshS3mslMWOxmnCfVsVYUDSXZfT0jvC5y2uXoIRDNvcYs95AI0UWDHcNvQAduws6YYB-GKMR2Eu0eV-qQFhPKU5PQui5A3xHr-zbkqt-qzHe9flNg-5s_AWSZc-z7y9z7_iJNjLIkf3HjqjqKuCtX5x16vdfl-66WdU2_8xPvG3jZlRgi_BSnh0x_6VTl5N2wggpA98WnHEF9c247pYfURQP_CnoXkEb-nGiyuxs5ggixXzbLQ60BEb8-eZzGrhyvGU_wyGDsyaqmD016VBan6CWndfFVoLQfkBoQczhbEBYs2cSeRkSV9j3cvUsWbdNMPfnt3UBySX3RqvbjhQ-sVHo3QKhdjDK0MWXmR-StDU30uUymB5_QbeUl5PbTlU1lg94YhwBNTFouxyaJ8X2uu1axovvgK92NGx0JG4ViNonyzIzXwoJMlnnymmPKaiTLZCnwkTIias3AFjp7cs7TAi6bX4PGuGCkYYRVQ_Y4qsog9Jb4pK1HbGAzFSaVD3Lwpn_4f_6qQJYsWLj5gzyIIuWS4KnxMOw1wOFwhFI6skN3uzqNPLA1zX7imZ70uVmvK4MCY7HwqQGHiL5mMQ2S8xu9kcdZhYg1lRGN65VyU4RNWzHS8PKA21UCtISQ7Uockcb2xOQpUhB5B0CwpNYSCGD9mTjMj7sPG_5zNtlx5Q5jdTjnMi01EYj_O2cMq8kfyO2vFvS3Mm9OJs_T8DOPbkJTR5te8MQxpCcsOlRthExj7LLpOBcMRXP135pHWox7rmHjd71RWXnmyoKFmCxUBaM9LNeClM88JsT-QNEgR7uv90wOezQu-w-gdt4c6V2S6FI2fo8vUM0Bs0jd8TvXdBqLjbMwXxkVFHF6LftXYCVf98lyQh2FUcD0qYFzksT7P2T7VSn2_XSUA0jjMAddCwi0HtQWLK3XI6H-DkNzGaz4riowhqYzSLeyrn5rp0tmQmE6C95clygmV3Pd5zdka0_gCv9K95N9k71fnINubAhU01Sw_8C_z5YV92AC14VhbINCn7a3A7Go6IASPIAoqjFHLDu_5eoieuqYEyiSOWXraugKiPupVXJ0f3WAVP0v9fXm1qi6b5tzsIaadjuiJ89mDbmEzc2eboo07VgjKPBfFTwk0nKvB34gKUM0aYVWCIiHq0VtsCK6q9SuSyIqLWjpLDEtcIDRu9qxSOsUBZ5WTkGKHhMyD3BbEpk0kK74jFCRueCaQLsGmfGsGg3GbnLHMxDOcaaN8XamUDMly9v5niFnrF0cEi5E1PuOrxAjE6bX-yTFs0meFV4DxKZIlMcJhn7VurAtxDAhJ24T_oLVWfgipJrPC0J3p6i6fG21qf9hW4y3cbXChT5oF5pjmIrURGGf69Odbn7tlDIEAINU4S9jEfXHyivwENRnc2LOh0EwEU1aiuwh11X73AGviXxsTvGT3Z8Ws5-cUOB2X4XJUuIlVziSyuDUGd8Zq9xhcnFiwxEeA4CR79eDyzdQPmL9W-1O1nonzjLFgr0dBiLmZe6NySh3ysA5D7pn2vDkGPk0BiCRtOKTbwjDo8_gKWvabnr0V3W155Tt7lcWFRyGZ-qPSGu5l4uw52Jwb_r3FyOI14w5XEXaPz4P8MMQ9HAcEpgriBjIjSkdpCZsr8yemTwUpS6hJ0T9rLqfEFl-8dl6RFAoMyLpKqKaRm4BM0ichiGUcl4dRGSf8i7gbIiJ7WY3xj395RMnoeS6Y10syCE6p_YWRo57lxGfxUWSTE0OlmPE8V5zy33DcTEBJHA-Cd9oBtsxwFg4aKwgAEifkaOUl5QKb3tWP4exloTJDsnWbHVKQV0xOTxbhyFgflgc738nowCJgAQ

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 193

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=f3f9d49f-f295-4dd3-a4e4-c4f186bc4fd8

Request Chain 204

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1660183290874 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808042249

Request Chain 210

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5be1cbc7-b9b3-4391-865f-8a89a423e76a HTTP 302
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5be1cbc7-b9b3-4391-865f-8a89a423e76a

Request Chain 211

https://ads.adlook.me/csync?url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D%26callback_url%3Dhttps%253A%252F%252Flbs-ru1.ads.betweendigital.com%252Fmatch%253Fbidder_id%253D42122%2526external_user_id%253D%7BuserId%7D%2526external_matching%253D1%2526forward%253D0 HTTP 302
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=9785f0c72ca142689b8deeac1abfaf9a&callback_url=https%3A%2F%2Flbs-ru1.ads.betweendigital.com%2Fmatch%3Fbidder_id%3D42122%26external_user_id%3D9785f0c72ca142689b8deeac1abfaf9a%26external_matching%3D1%26forward%3D0 HTTP 302
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9785f0c72ca142689b8deeac1abfaf9a&external_matching=1&forward=0

Request Chain 212

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0zZPFnvHURM.AikABlGCiqKkwg

Request Chain 221

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=30b886a3-70b2-4441-8a63-97e118142584 HTTP 302
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=30b886a3-70b2-4441-8a63-97e118142584

Request Chain 222

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6OE9J2Q-D-4QWF

Request Chain 223

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YEKD4m3cTZiYSvHbLz05Cw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YEKD4m3cTZiYSvHbLz05Cw

Request Chain 224

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/BLCXMWvEzBFxbP2rODW-jQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516594510570665874

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3ClkvZSM5OWLY7gmzYfIw&google_cver=1

Request Chain 228

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPRTlKMlEtRC00UVdG

Request Chain 229

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY1MmU5OTIxYTI4NTUzMzdmOTM5M2NhZDA0NTRlMDBkNDhkY2UzZg

Request Chain 230

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvRi-Q80HdQ1jKe6AkuqqAAABKYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvRi-Q80HdQ1jKe6AkuqqAAABKYAAAIB&dcc=t

Request Chain 235

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YvRi_wAFiEvUnwAK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvRi_wAFiEvUnwAK&gdpr=1&_test=YvRi_wAFiEvUnwAK

Request Chain 236

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 240

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARj7xdGXBqIBEIVLVf4ZGRHthuAAJZDAZHw* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=854b55fe-1919-11ed-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=854b55fe-1919-11ed-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=jD3p4QZBvbt8z%2BGNk7%2F%2Bcw& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/854b55fe-1919-11ed-86e0-002590c0647c HTTP 302
https://an.yandex.ru/mapuid/adsniperis/854b55fe-1919-11ed-86e0-002590c0647c?redir-setuniq=1

Request Chain 242

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 245

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/234316 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/234316

240 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gismeteo.ua/ua/
Redirect Chain

http://gismeteo.ua/
https://www.gismeteo.ua/
https://www.gismeteo.ua/ua/

71 KB
23 KB

1713ms
1713ms

Document
text/html

193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

6fc1c3fc7d492379a2182472029cae39c48e7863891cf6503fc2263c636b2589

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache no-store must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Aug 2022 02:01:26 GMT
server: gis
server-timing: type;desc='backend'
strict-transport-security: max-age=604800
vary: Accept-Encoding Accept-Encoding User-Agent
x-content-type-options: nosniff
x-dc: ua.router-cdn-pl02
x-decepticon: 0
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache no-store must-revalidate
content-type: text/html
date: Thu, 11 Aug 2022 02:01:24 GMT
location: https://www.gismeteo.ua/ua/
server: gis
server-timing: type;desc='cache'
strict-transport-security: max-age=604800
vary: User-Agent
x-content-type-options: nosniff
x-dc: ua.router-cdn-pl02
x-decepticon: 0
x-xss-protection: 1; mode=block

GET
H2 200 n_c0.jpg
static.gismeteo.st/assets/bg-header/ 2 KB
3 KB 153ms
50ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/bg-header/n_c0.jpg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ef9e4a353c5adea27356c57a75527bd31dfaddb0cdaa334dd546f8bacac7fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 87c077e3-d501-408c-899b-70c4f6b431b7
age: 155
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1999
last-modified: Wed, 29 Jun 2022 12:57:19 GMT
server: cloudflare
etag: "9e30c27240fbd20ba7719cb8a3f17a31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vCPY1cbzPEq53r8wMhjjhYCQZAWlKaIanT%2B6wUPImYRG5xBAhBXB7%2Bm6IuZaUCA71lQWGRztFy79iZIRMFsVoW1%2Fg5zCKJ8X7PzBK%2BSCmJvz6EgmlecyecJA%2B87RrLgFcHZpWf8gRRFGl4v0qC%2BtRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1656507438.65894
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62250c9176cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
56 KB 227ms
97ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fc41fe2f42902006230e4906e2def2e8551e9fae9584af11883fab423e5f9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57251
x-xss-protection: 0
server: cafe
etag: 7190684196089270554
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:01:26 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 202ms
60ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:08:58 GMT
server: nginx
etag: W/"62e28a6a-2c101"
x-cached-since: 2022-08-11T01:57:29+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 28 Jul 2022 13:20:15 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 193ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77f2dc9b6f0795bd37c21453e2f478f8f7160ad3b78ba939e003037405e90d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28612
x-xss-protection: 0
server: sffe
etag: "1300 / 50 of 1000 / last-modified: 1660136572"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Aug 2022 02:01:26 GMT

GET
H2 200 gismeteoua.js Show response
stpd.cloud/assets/hb/ 423 KB
116 KB 171ms
67ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/hb/gismeteoua.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c08c7d75ed50f7ead3d65bf0488ba70557b8cfb584bd2b31914513d5ca5f7c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: sRKG9wBq/PwBnSYgDO5BnA==
age: 6743
x-ms-lease-status: unlocked
last-modified: Wed, 10 Aug 2022 09:40:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 71667b12-501e-0001-469d-aca04b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 738d62252b780089-LHR
expires: Thu, 11 Aug 2022 06:01:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3566
date: Thu, 11 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Aug 2022 03:02:00 GMT

GET
H2 200 xgemius.js Show response
galt.hit.gemius.pl/ 57 KB
15 KB 239ms
76ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/xgemius.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 9709536c63c0fe7d46b59bcbdbd32a33e8201d32316674a742d003c767b2e2b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Thu, 11 Aug 2022 14:01:26 GMT

GET
H2 200 desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
www.gismeteo.ua/ngamg/assets/bundles/ 214 KB
34 KB 87ms
86ms Stylesheet
text/css 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

4fb127faab61d35a30e2941868508a1d37b60658f3310af0c702b19e2538bed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62f3b33a-356ec"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 desktop-weather-5853ac89327d2775d45a.js Show response
www.gismeteo.ua/ngamg/assets/ 138 KB
30 KB 143ms
142ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/desktop-weather-5853ac89327d2775d45a.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

f34d7c9330d38f0a448ac3c107f2891cfa62c83d1e2ef1e5b2a77b3a6cd75748

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62f3b33a-2262f"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 n_prc.png
static.gismeteo.st/assets/maps/ 7 KB
8 KB 137ms
52ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_prc.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ff33ff05a65a7275c4ecf0792cfd9010a6bfc139af4ca18fddc3f4674afc90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: bf37109c-2b81-42ac-80e5-8a0e43201925
age: 4660
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7412
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "773ddb5c311bbd5c6045c933b0ba8878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00a3RqDBjdrSE%2FC8XxZxY%2F0s2QBkVBFTdXuc%2FAAtxpMkiv7wxhaJeWY5NdEVocD%2BhjcrnpzccV8QpP29ib2J%2BKRRYLClZlWx3QSFXM70mD%2B5pU%2BI2eWAhwypfW763jkGccMayhZcApGxAvJuEOdN%2F3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.43545
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62250c9376cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 n_temp.png
static.gismeteo.st/assets/maps/ 11 KB
11 KB 138ms
54ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_temp.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a56c205b17f172e198b8ecda86282e8e29a86d88d02a39ac120f527fc71bcd17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 420fde05-3478-47b1-81a4-8407f559c91d
age: 4334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11333
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "3eae37d0e2661370eb06e2d380bbbdf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG7WPnJbara5x2u8g%2B3cr3TSirIrB2uvinzgame3cXxy6sMwmGhKGXt%2FrchYmpAKL9pn31bMgEowCnLcso7HgLWi2OBtJGU1vsZOazr%2FECGTJiVZKtHmgcfNXYvHD9hyGmWYg9i4QoC7mF8UG7rvNWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.44904
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62250c9676cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 n_wind.png
static.gismeteo.st/assets/maps/ 9 KB
10 KB 137ms
53ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_wind.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d406d4745472525da74efe07425fa1c73865f524dccf430f6c0f0e85f6f06b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: d4fdce7f-9536-4c07-b375-0cc57ebf810b
age: 6924
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9644
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "708edc4ea31887977ccccc22ec1bfc55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzFNPIYGSZCQQtbqtvACChI2tHP9thf1UBOwHemkC3%2FAlE7Yt2IrdvR%2B8az1x2s%2BHJJ3OAJ1vk%2B9IhDbHVAZKfsenenSFkO1J1o%2FFGIk5j4R%2FJjkG9f3b9%2F7JPQ3B3Yq%2BFtpoqpEjTOTVTpAfCje%2F7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.43534
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62250c9476cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 n_clou.png
static.gismeteo.st/assets/maps/ 16 KB
17 KB 136ms
51ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/maps/n_clou.png
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894aa20536ae6e99f77b8ea596211dc5a629e23fc3bd25be898f78612e245abc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 2e188f17-3d35-4ac8-8804-3878ca308620
age: 6924
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16673
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "1b7c0d26141bc5bb03c7724257285479"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbpzMsXCHHIrzusrI3gcX32OhkNBg8SZnSoI0EqsniWsbHXDiKG17WUkS%2FbgAbkMrcaiVvs0Ljs7zM53sw8NwlZohzTsCr%2FP44ffBsxr1%2FH0Xll7UdcoAOVoKYw4MPB16swKwn5M0kLq%2BNtxKZCFkTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1656507445.60980
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62250c9776cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 sprite-v2.min.svg Show response
www.gismeteo.ua/ngamg/assets/ 390 KB
27 KB 146ms
145ms XHR
image/svg+xml 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/sprite-v2.min.svg

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

e0e2516e4d1e2ce67c1b903163bfb78ed015b5fc84c755d77782fad1157903b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62f3b33a-61986"
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28afb0bf5088962ee2ab6ccd51361d8851bbe38b82cb49acc1c5730fcc25f033

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 map-660.jpg
static.gismeteo.st/assets/ 17 KB
17 KB 51ms
50ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/map-660.jpg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d48083fb1497fd8a18c60cee6cc3d02a5d35400774750a32c88e3df45aa6fb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 739c0ad8-1930-4c44-9843-a50f48a8c4a2
age: 4661
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17025
last-modified: Wed, 29 Jun 2022 12:57:26 GMT
server: cloudflare
etag: "40adbd6ea95113ca81ae8ffee32e5386"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcbXut6i%2FnwP0f7IjtQKX%2BGgYu%2FTjv0tUkON5zeiLZf8KkBKupbkV96ukG72lkFmJ2Mswdk9RWwKQYiZa0YmIHIoabvvhmbBy7BUPaTgWGyUyi7il%2BpPlPX5FRPi1dVvbkLSipGvwWJRRrRPRZe2%2B1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1656507445.41023
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62259cfd76cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 feedback.svg
static.gismeteo.st/assets/icons/ 811 B
796 B 50ms
50ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/icons/feedback.svg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65510155fba43504911909ebd5a89b33097335878ff825b6fd565d61a4688404

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: fb3e9e66-3a1c-4046-9424-4b5f31c97302
last-modified: Wed, 29 Jun 2022 12:57:25 GMT
server: cloudflare
etag: W/"c077383c0a4aa756b25856ba0429cf7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2IVQaVKKb0TVDFXMIZCgXaLBa3b63HCVakL81bwLy3HW4cQDkgArylwZjlAIzLqBKuhYG2CUUdMFbGecVGxv2OjfWMM3F4RV33X9z8%2FjK5OhCUumEttkSPQj4KizdJ658CxLtNegtu96mt4jLf%2BsJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1656507444.46287
cache-control: max-age=5356800
cf-ray: 738d6225cd2e76cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 485-447dfe3e3d396b360059.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 1 KB
839 B 101ms
100ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/485-447dfe3e3d396b360059.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-5853ac89327d2775d45a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

130abfcf6a76e6eca3a26b5e28c9a3888f781b387f1c4738ab0050c62dc3f011

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62f3b33a-4bf"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 943-7a0b66bc368077b88f81.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 1 KB
918 B 102ms
101ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/943-7a0b66bc368077b88f81.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-5853ac89327d2775d45a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

c210a0a3eadddeb40cd8459858c28f2b7e294a75adafef7c13c9d1cc9ab9cb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62f3b33a-4cf"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 414-537069c9394abb7e7a92.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 888 B
748 B 102ms
101ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/414-537069c9394abb7e7a92.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-5853ac89327d2775d45a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

fe2afd17237c8eaeaa6ca240c0af8fcf7464920edcfac8816589ea92322fc31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: W/"62f3b33a-378"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 142-a34a7192c37dd00992cc.bundle.min.js Show response
www.gismeteo.ua/ngamg/assets/bundles/ 375 B
704 B 108ms
108ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.ua/ngamg/assets/bundles/142-a34a7192c37dd00992cc.bundle.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/desktop-weather-5853ac89327d2775d45a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

343258b367bfb47c4bcdfa53bb95c5552a89701e36b55396a433505f53dc64d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "62f3b33a-177"
strict-transport-security: max-age=604800
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 375
x-xss-protection: 1; mode=block

GET
H2 200 px.gif
www.gismeteo.ua/ngamg/assets/ 43 B
361 B 92ms
92ms Image
image/gif 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gismeteo.ua/ngamg/assets/px.gif?ch=1&rn=8.974483713347908

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "62f3b33a-2b"
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 px.gif
www.gismeteo.ua/ngamg/assets/ 43 B
361 B 93ms
92ms Image
image/gif 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gismeteo.ua/ngamg/assets/px.gif?ch=2&rn=8.974483713347908

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 13:31:38 GMT
server: gis
x-dc: ua.router-cdn-pl02
etag: "62f3b33a-2b"
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-decepticon: 0
accept-ranges: bytes
vary: User-Agent
content-length: 43
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
62ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=0&a=354308182&t=pageview&ds=desktop.weather&_s=1&dl=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&dp=%2Fua%2F&ul=en-us&de=UTF-8&dt=GISMETEO%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%2C%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B8%20%D0%BD%D0%B0%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%2C%203%20%D0%B4%D0%BD%D1%96%2C%20%D0%B2%D0%B8%D1%85%D1%96%D0%B4%D0%BD%D1%96%2C%20%D1%82%D0%B8%D0%B6%D0%B4%D0%B5%D0%BD%D1%8C%2C%2010%20%D0%B4%D0%BD%D1%96%D0%B2%2C%20%D0%BC%D1%96%D1%81%D1%8F%D1%86%D1%8C.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1851717235&gjid=1711580986&cid=2000690116.1660183287&tid=UA-12105830-25&_gid=1216404274.1660183287&_r=1&z=424234435

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame B0F4 51 KB
24 KB 357ms
170ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e8def5f7f3ad2c44eae866a7bd376b480ca4f5a5e6e861550be18ed4db2d1c55

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23642
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 d0957defc8428719e2ecfb935c121ca8_66x44.jpeg
rss-images.gismeteo.st/d09/57d/efc/ 2 KB
2 KB 59ms
49ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/d09/57d/efc/d0957defc8428719e2ecfb935c121ca8_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c97b0999c86c60c4ec6a286cb70241ad4aeb7ab9fc90d13ea338f29396292714

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: d66b845e-150a-444c-9a24-9b010885c1ed
age: 3357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1651
last-modified: Wed, 10 Aug 2022 13:57:13 GMT
server: cloudflare
etag: "1aea8225dc9bf0c57fe13e912be84b53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmDYP1ga3Nspgf5D2%2BLyD2SNYfJ7sudt1d37kplHiz493Kr4p0Nk2XthrHeOQRnrROp2TgonJY0XWT%2FMW9qUThNCXFPJ3L%2FNVbCebOCMMImNTyLQBfDZjMmwxJCfKphZA0f%2FURpxAs7vmctW1wSbTa%2FyyLy%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660139832.92975
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62264d9676cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 9ae3fd631e8b383699d4eba66ae56e75_66x44.jpeg
rss-images.gismeteo.st/9ae/3fd/631/ 1 KB
2 KB 61ms
51ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/9ae/3fd/631/9ae3fd631e8b383699d4eba66ae56e75_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d63bd999aa9d89764b6ffe145fa9e58d197c941c898170d57af362eea1eb6b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 835b2d32-49ca-4293-bc77-dcbb1188bebb
age: 3357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1469
last-modified: Wed, 10 Aug 2022 06:56:51 GMT
server: cloudflare
etag: "7679f70839ff46c502c6ec32dcb35d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPewyktN6iT%2Bn1lpSEGjD2xSm80MOLkI7I3cM276PQZpZ668%2BrgrThm0AzcSEZ6yigFo2F1wndGkTAjZAlIDGZ3hXw5wY7%2Fod1xm%2FEiurwMyv5PD%2BbV2gsd%2FzsfTD3R3xNsuYUg4KAt5Jm6Nnjdri%2FjcpLjC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660114610.42832
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62264d9976cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 4de1f67b1a19aec970121f18bfe07346_66x44.jpeg
rss-images.gismeteo.st/4de/1f6/7b1/ 1 KB
2 KB 62ms
52ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/4de/1f6/7b1/4de1f67b1a19aec970121f18bfe07346_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cd1f3a11d5062df709209b1b58594d6382458682b6ab3fd611aae52d1c4141

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 60aec438-e3b5-43ab-943b-73ad21e7ecdf
age: 3357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1380
last-modified: Mon, 08 Aug 2022 20:27:15 GMT
server: cloudflare
etag: "dd15cb5d9cb4f5f49e6c032e68956ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms2A1Z2s69kIi6qkSzilnlTJ8jQne0ukhA%2B21nZ7wZH0uZK%2Fois61Cf0ICSPO1BbDRCxoTk1sHIL%2Fc61KijjE9TACjOP496tEa1AsoaZX%2BDyIWEegfEVtJIS5QCCDDjnMOWJ%2B2pru%2BrbqaQd%2BQeG589E0prE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1659990434.72825
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62264d9776cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 ff40b9f7211e11b55d3cb359d4afd99d_66x44.jpeg
rss-images.gismeteo.st/ff4/0b9/f72/ 1 KB
2 KB 60ms
50ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/ff4/0b9/f72/ff40b9f7211e11b55d3cb359d4afd99d_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44204f2cc649605ced641740d0ea2a213143790e99d33f72cd6b36c3a6364fdf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 483384d2-e101-4644-bd4f-85a7e42454f3
age: 3357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1179
last-modified: Wed, 10 Aug 2022 13:27:21 GMT
server: cloudflare
etag: "ea4101a215c6b4d1ee0d289020a08eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNjNIBoRqLWUpaOVMpCDMRMxvxbmymLRC%2BQcA3%2BxRD2KzowP%2F7LbsonIdKipcT5BOw%2F0kMGk2ZDwD0PWPJy3LXVGEOtXH1QVYd6jGFD71yTWgrb68oge03iW7UcIJmZoHujzWWZQBIjwK%2FgF1BGXURa0mHeW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660138040.97010
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62264d9476cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 0c5b0d0c540a52e93b0aa7ff9ebe148a_66x44.jpeg
rss-images.gismeteo.st/0c5/b0d/0c5/ 917 B
1 KB 64ms
55ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/0c5/b0d/0c5/0c5b0d0c540a52e93b0aa7ff9ebe148a_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41dcd93761b22d74c11581b0ba4fd2684f0fc7833d291ce74ec69edda56e364b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: e4849489-9fb9-4dff-b8ec-0abc074a11d9
age: 3357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 917
last-modified: Wed, 10 Aug 2022 13:57:13 GMT
server: cloudflare
etag: "fc6aa606e82075c7bc5d97b6e0dcb4cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jx7vxEtpDfxyP9EErdZB1o3NgIM0Iz3DT9RcJO5l9eL0gog30weAtKKcWJ8bYM9IerMECI0imk6LpszaCqwgqEl9T0iARAD3jnJN27BBLB2t41xLJzjud4gSrOpgm56m6buRZADnqghI0yHdDxnyvl4Vlwl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660139832.84211
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62264d9c76cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 095e7128d355beccee31719a30f18d66_66x44.jpeg
rss-images.gismeteo.st/095/e71/28d/ 1 KB
2 KB 61ms
52ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/095/e71/28d/095e7128d355beccee31719a30f18d66_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b849ba37ecb657fa7e5e2a886cff24ba2618536c89c7726d6f8b7ebcbf032c35

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 733f3c90-b706-49fa-8b12-aa620eb39fd2
age: 3357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1030
last-modified: Tue, 09 Aug 2022 16:57:16 GMT
server: cloudflare
etag: "0be6598c5f8daf68c12d6f52c19b4eea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alK3OCNTLfN91uPIDwnNR1WDkFOC5QFbsfBunbdvwm%2B0rG5cKhwANn5TR21o9AxwjZ39Pb3BDtrztQCtvP%2Fas2fcbK%2BTVGw3hAuuUmYvDBK4x0vfp4%2FYeGF%2FBwPJ04Ji0NQipRAlP8Gm58bdzSvIQkNDfDwK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660064235.38784
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d62264d9b76cf-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H3 200 1225e8b3fa3868cc4066492702d45ff8_66x44.jpeg
rss-images.gismeteo.st/122/5e8/b3f/ 1 KB
2 KB 332ms
329ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/122/5e8/b3f/1225e8b3fa3868cc4066492702d45ff8_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55ce45f875ee0e83d9f644252cd577f5dc4f40bd84c14461d5317113401f39d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: cd5ff4a9-8989-489e-8588-a4bacea28cff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1254
last-modified: Wed, 10 Aug 2022 16:27:26 GMT
server: cloudflare
etag: "975ee1c095686c4292e133dc586c06f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPlWzWFdWpUmQbCdk%2F4wQxKZD8uD4nY7S5znxpMBAceW9JlXqiERlx1qkx4aXYOM3I83ZFWclat%2Fm3RBzvIym8661s1%2BZ7MN4K42MwqKmcNS1jqK9CTNN%2BNHW1BKVm9Ze9sx6BEOHcxlW8oqh2r0UkBQehGU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660148845.32031
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d6226a8fb06d5-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H3 200 8bf9de0d3bace1a5fd02c1b8b7eadb43_66x44.jpeg
rss-images.gismeteo.st/8bf/9de/0d3/ 1 KB
2 KB 326ms
325ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/8bf/9de/0d3/8bf9de0d3bace1a5fd02c1b8b7eadb43_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c96dc3927ec0213f3eb18af22c848a96591c50076a4282715af77bcb6433484a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: b9ad2afd-db25-455a-bdc5-d23660ca0906
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1372
last-modified: Wed, 10 Aug 2022 19:27:08 GMT
server: cloudflare
etag: "e29b35c132542d9e64374b84b14bb6eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xL3qBsr%2FgfQRxjjkIQkw%2FrH6S6rCxf4skS6ZawK0qWi%2F3bKxTvn%2F5Z4cMtAdxHELp%2FoXQU1GWvNfMpULHVkMAMFI2hNlQU4W9PULQlRmxyBwAXZ6Be3y41k1IMnrB96ZEV9LSSbt3%2B1KsC3Kshj0FPR9E3f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660159627.24921
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d6226a8fd06d5-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H3 200 8d746535c1b72f2122313a54984bfdc8_66x44.jpeg
rss-images.gismeteo.st/8d7/465/35c/ 1 KB
2 KB 350ms
349ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/8d7/465/35c/8d746535c1b72f2122313a54984bfdc8_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b53e7f18bb4f8cf37d6d1e014ce147d7e77654caf1ee39467fc016d87ae6b47c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: 932d555d-ae12-48cf-9b3c-a361f7391c39
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1526
last-modified: Tue, 09 Aug 2022 20:57:18 GMT
server: cloudflare
etag: "edb26344262ee86b8ca3aa5426192d58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjgvP8L90WwNwRlYv6shYUG2Lz5o7RYpw4Fc16vAN5TO2JBAX0NIZsz%2B21vQto0Sxqhmgc827rdfx%2FbF%2FqDvHlHdB3xpfUHBGUWZF94rguKdzhlJrTBcjcBiV%2BxfmTDqHewyFxeBsisNRxQUY13Ao43EcDZx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660078637.02986
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d6226a8fe06d5-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H3 200 3bdd119e8029aa9b2098150eecf42a07_66x44.jpeg
rss-images.gismeteo.st/3bd/d11/9e8/ 634 B
1 KB 321ms
320ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/3bd/d11/9e8/3bdd119e8029aa9b2098150eecf42a07_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da3a5cb5a8564b127deb036eb0c2dd52dcac09feb1f042311283fd30b9b05501

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: be0a420a-bae0-484c-b23e-c7816348c6d3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 634
last-modified: Wed, 10 Aug 2022 19:27:08 GMT
server: cloudflare
etag: "9f09155e6b16aabe3d4c93a7014507e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az9%2FHJNv1utF9l8tqSp783v%2BVfj3%2B9SdbMRRzQseJLj4FglPdjHEY6pkWbxYy8vDJ%2FtrC%2FfsCQ%2BIkNx9hCzEycv9%2F6assB47D%2FDsgaaovuTsncBGX7qHDCUe13rrmexnMX6j2H5hAiyMWRBOz%2B9uIPVev1Oe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660159627.08334
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d6226a8ff06d5-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H3 200 5b5fcfc49621ff5374ed2fbaac2064e9_66x44.jpeg
rss-images.gismeteo.st/5b5/fcf/c49/ 1 KB
2 KB 330ms
330ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rss-images.gismeteo.st/5b5/fcf/c49/5b5fcfc49621ff5374ed2fbaac2064e9_66x44.jpeg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a72aa49a1d9c2562b696dc7bd4efcfc5dda84c09d26c174612921053bd24f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-trans-id: bed52ba3-f2ee-4715-beba-c1debdcdf1a9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1344
last-modified: Wed, 10 Aug 2022 19:27:08 GMT
server: cloudflare
etag: "f8ac5fc4bb24083679775b0d1ce76108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0Jfo0%2BZhv85s%2FCWmjS7R3QkTmNCCAceZDWKcyMwAId8J8VlPl0ffvxjt6EtPcOA%2BKHFt2MmT8dCsAjz70vLvovOOzcvb4Fs934vm1pkepSz0Ciorp2m3V81lqu%2BYc7n1qpOcjqoRMnXanBe%2FKoTXZ7C12bB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1660159627.08928
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 738d6226a90006d5-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
H2 200 pubads_impl_2022080401.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
382 KB 197ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 15:22:16 GMT
x-content-type-options: nosniff
age: 38350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 390095
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Aug 2023 15:22:16 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
724 B 204ms
62ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gismeteo.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

69203082f1a1c36dc4a1668c84a1e46b9f660839dd6d4af9e96f48c6d8c0fdaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Thu, 11 Aug 2022 02:01:26 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/48427/ Frame DE0B 738 B
519 B 56ms
55ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Thu, 11 Aug 2022 02:01:26 GMT
etag: W/"62e28a7b-2e2"
expires: Sat, 29 Jul 2023 13:10:16 GMT
last-modified: Thu, 28 Jul 2022 13:09:15 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:16+00:00
x-id: fr5-up-gc31

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/48427/ 23 KB
8 KB 59ms
57ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:13 GMT
server: nginx
etag: W/"62e28a79-5d41"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:19 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/48427/ 75 KB
20 KB 64ms
62ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 11 Aug 2022 02:01:26 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:02 GMT
server: nginx
etag: W/"62e28a6e-12c39"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:19 GMT

GET
H2 200 fpdata.js Show response
galt.hit.gemius.pl/ 280 B
393 B 76ms
75ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/fpdata.js?href=www.gismeteo.ua
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 2c514401e90a604925331ebc84676f8154078bef85f98939c6cef73c41e5e4a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 280
expires: Sat, 10 Sep 2022 02:01:26 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame B6F7 5 KB
3 KB 249ms
80ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 6465505523ade4d8dccaa539261ae7e9b4cf127c4371a549679ce76029029efb

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:26 GMT
etag: PRIVATE7520710249
expires: Sat, 10 Sep 2022 02:01:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 182ms
56ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12105830-25&cid=2000690116.1660183287&jid=1851717235&gjid=1711580986&_gid=1216404274.1660183287&_u=YEBAAUAAAAAAAC~&z=55814166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Aug 2022 02:01:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
galt.hit.gemius.pl/__/_1660183287042/
Redirect Chain

https://galt.hit.gemius.pl/_1660183287042/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A...
https://galt.hit.gemius.pl/__/_1660183287042/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https...

167 B
423 B

148ms
148ms

Script
application/x-javascript

79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/__/_1660183287042/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9TVmJOByXzlEmDxDqtwjy6bbIQ7fnBrq_xm5IABV2vj.q7FLvX5J_k8DdoyJDHWwyRm4STGsz4BZXUHtoCtqKiw_0F2O/_guxMJSCobTwv/&ltime=267&fpdata=-TURNEDOFF
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 84bd083161b5219244e1832528e9d406eaf523319f8f3b63ce6405596e3a256d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 167
expires: Wed, 10 Aug 2022 02:01:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1660183287042/rexdot.js?l=100&id=1vXlD2727Up7NYRm2xV8KZaG7zFF5udEv2FBp3BmNff.B7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9TVmJOByXzlEmDxDqtwjy6bbIQ7fnBrq_xm5IABV2vj.q7FLvX5J_k8DdoyJDHWwyRm4STGsz4BZXUHtoCtqKiw_0F2O/_guxMJSCobTwv/&ltime=267&fpdata=-TURNEDOFF
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 10 Aug 2022 02:01:27 GMT

GET
H2 204 /
loadercdn.net/ 0
168 B 279ms
87ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=855765858b715329&d=www.gismeteo.ua
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:01:27 GMT
server: openresty

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 209ms
66ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.gismeteo.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 11 Aug 2022 02:01:27 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1261
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 202ms
65ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 01:55:46 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront), 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 342
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA2-C1
content-encoding: gzip
x-amz-cf-id: qDy81G4O1XuimQ8mRjCFB2E-Nk5bnnyHWCEPWyzCFuaLGUJ6ziY16g==

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gismeteo.ua%2F&domain=www.gismeteo.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=r0Kg1nxldHVCRHFSaVdNb2dBR291TVNnalVLMUdtNmlIajlRU1ludUpZRjNVcWJSbTVGMG5VODl6ZXphbjVHRDVYbStrR3lCRzZoUSs2Mk12OTlNeGlxS0ExS1FNc2s4WENualJaTCtvWms5SkNCd21FVzRBZ1dFNWdaME...

339 B
614 B

173ms
59ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=r0Kg1nxldHVCRHFSaVdNb2dBR291TVNnalVLMUdtNmlIajlRU1ludUpZRjNVcWJSbTVGMG5VODl6ZXphbjVHRDVYbStrR3lCRzZoUSs2Mk12OTlNeGlxS0ExS1FNc2s4WENualJaTCtvWms5SkNCd21FVzRBZ1dFNWdaMEhIVWgzWVBJand2MjlxeWdUNDdJSXFUQ0E3ZDdWb2JoTVlDdThOTExiNFYvNFYvT2h6N0FnRTUvMWFuUExWeXZYZEdzREZGTTFzd2l3ZkFKbjhqZklKOGJxVklIUEtWT1E5Zi9vK1l4MHRjbDBoaXhSQTA4PXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9ddb6e908317f9ce608643df4a78bad67dbe1374af2c7074065baee16dd8ab74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3091
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:26 GMT
location: https://mug.criteo.com/sid?cpp=r0Kg1nxldHVCRHFSaVdNb2dBR291TVNnalVLMUdtNmlIajlRU1ludUpZRjNVcWJSbTVGMG5VODl6ZXphbjVHRDVYbStrR3lCRzZoUSs2Mk12OTlNeGlxS0ExS1FNc2s4WENualJaTCtvWms5SkNCd21FVzRBZ1dFNWdaMEhIVWgzWVBJand2MjlxeWdUNDdJSXFUQ0E3ZDdWb2JoTVlDdThOTExiNFYvNFYvT2h6N0FnRTUvMWFuUExWeXZYZEdzREZGTTFzd2l3ZkFKbjhqZklKOGJxVklIUEtWT1E5Zi9vK1l4MHRjbDBoaXhSQTA4PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1679
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ 213 B
622 B 191ms
60ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

b4efdd51213501c44b4585056e852971897499fb51a54ea4ed7e60e12ee02c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Thu, 11 Aug 2022 02:01:27 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
637 B 180ms
81ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9wDC1ZwLPbAodYhVjzXKZSjgZmq97ed9zhQ9quqwT4wzkNJHhlOYEjooYgZ%2FLdGsMpZPqyIkxKtFVddVsssgXQOt8dZUIEc00OW7z7vKKoMoIdKpMa1UZowpIpXsCtyi5%2Bz68P5HVmBg3Mv0e3oR2poM3h8"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 738d622a2c1e7753-LHR
content-length: 42
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 155 B
435 B 318ms
219ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24fafc1fa0c3b299a3c3fcf81febe43c3470f50d9314afa7b44c80d4cd8c811e

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHk6Q0uyEG5POWzXTHdUqBU11NEMPXIdSqYC77ow2Ljf5RswuF7I1bqcn%2BPFrMKiBO9rb8%2BwZrVLv5V%2BLDeHvkyj366caKHdjgMLMrLMcHYIpvjWcQ1BUQ4b0K7LYPXVN35S%2FiKtuzG0POmUOYyUhqL0Sn5w"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 738d622a2c1f7753-LHR
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 49 KB
12 KB 286ms
172ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

87b56fb2a5700aa5860c79b71347f0d73a73252df23c9863b100e1394d8f5bdc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 02:01:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 57b78153-da2b-4dc4-ae8d-a774be9acc50
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 184ms
54ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0&cb=18151459885

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.gismeteo.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 156ms
52ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Thu, 11 Aug 2022 02:01:27 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 5 KB
1 KB 331ms
200ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7f36588c1686ea8015ea40acf5e644e70fb3a9511be7e1f6e08adf1033c49de1

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 02:01:26 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1224

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ 73 B
378 B 178ms
64ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=414b2dee-42a0-448b-8ff1-38159e1181ff%2Cec55e705-a1c0-4922-b109-f7e9eaa61f1f%2C63efa694-18e2-468a-aeac-18a3dfddcb15&nocache=1660183287263&pubcid=f3a72d15-6e01-4235-8295-cf428e2cdbfd&schain=1.0%2C1!setupad.com%2C945%2C1%2C%2C%2C&aus=300x600%2C300x250%7C300x250%2C640x250%7C300x250%2C300x600&divIds=div-gpt-ad-60db1014cd16186dc2971ad8%2Cdiv-gpt-ad-60db1053cd16186dc2971ad9%2Cdiv-gpt-ad-614315f45f18840a44c3a980&auid=544016144%2C544016145%2C544016146
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 55bf22b7e8019ce8c3a895972837a3e5f6c814d9b337c6f3bc632bf64f2dfc29

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 184ms
59ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%22e4047fa7-2ef1-47f2-ac37-e2eb4c56275e%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22414b2dee-42a0-448b-8ff1-38159e1181ff%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%223785e7015cdea41%22,%22bidderRequestId%22:%22365251c09329a4%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%223eed7b20-e4d6-4754-8d81-9e1f39471dfb%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[640,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1053cd16186dc2971ad9%22,%22transactionId%22:%22ec55e705-a1c0-4922-b109-f7e9eaa61f1f%22,%22sizes%22:[[300,250],[640,250]],%22bidId%22:%223867abc7603adaa%22,%22bidderRequestId%22:%22365251c09329a4%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%221bc37e72-499a-4a34-8c41-e6aeca80a400%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22div-gpt-ad-614315f45f18840a44c3a980%22,%22transactionId%22:%2263efa694-18e2-468a-aeac-18a3dfddcb15%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%2239d135f066f28ec%22,%22bidderRequestId%22:%22365251c09329a4%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 02:01:27 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 1 KB
2 KB 430ms
154ms XHR
application/json 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: 0af3d16561b4148a08ea9e304f40e94aa720f5d6aa7da0fee2bb0054a0cae0a1

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1339
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 212ms
55ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 212ms
56ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 212ms
56ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 19 KB
7 KB 302ms
204ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=657865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2248ba413236ac893%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22945%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249f6b93c0ef103b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_top%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22502d0b54c3e6f97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_top%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251418c95347d205%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_640x250_middle%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22522531a0936cae6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_640x250_middle%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2253000588c9711e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2254cef5e3d783b22%22%2C%22ext%22%3A%7B%22siteID%22%3A%22657865%22%2C%22sid%22%3A%22gismeteo.ua_300x600_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 551a2aae0d8fd089aad99029ad59ffd98ed9cb0b044b44b9f270fd77b9987510

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XymqIyTdJS5s77ezv6hCXyyT47QcznFb6fLDso9r91YAmZpdsBEDT7T2b7voNEbB7LFC0%2Bu5aq0%2B%2BjuSNAOQTK9M1HWaKjqJ1QGptcUCmsyZ5tP5DWJ81S3yvJEjj8DDPvbIbAdo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 738d622a2be475cb-LHR
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 198ms
61ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
date: Thu, 11 Aug 2022 02:01:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 173ms
56ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer2%22,%22params%22:{%22zone%22:%228eeeb07c-14a6-4155-8645-280af7717e71%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22414b2dee-42a0-448b-8ff1-38159e1181ff%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%22603cd07a1a24b4d%22,%22bidderRequestId%22:%225951903437e5a22%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 02:01:27 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 317ms
114ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=715140&size_id=15&alt_size_ids=10&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=f3a72d15-6e01-4235-8295-cf428e2cdbfd%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=414b2dee-42a0-448b-8ff1-38159e1181ff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2303848576363383
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ba8e5a7f01f6f425af71cbcb179acf3f17678ae8fb350cbf826e707f01517da0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 308ms
105ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=2028902&size_id=15&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=f3a72d15-6e01-4235-8295-cf428e2cdbfd%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=ec55e705-a1c0-4922-b109-f7e9eaa61f1f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4872017391980401
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 383342421973527061e679c6e5b9a9c86bee08b22a1813c8eb06a60dc5559a87

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 311ms
108ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=148974&zone_id=706518&size_id=15&alt_size_ids=10&rp_schain=1.0,1!setupad.com,945,1,,,&eid_pubcid.org=f3a72d15-6e01-4235-8295-cf428e2cdbfd%5E1&rf=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&tk_flint=pbjs_lite_v4.40.0&x_source.tid=63efa694-18e2-468a-aeac-18a3dfddcb15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36292172720200244
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 217178c16504d4dac920bdb508859f30a2596f6b238f0cf0a2e46eb8be383b1e

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
911 B 194ms
60ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 15 B
488 B 313ms
126ms XHR
application/json 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwMTQ3NDUmdHJhbnNhY3Rpb25JZD00MTRiMmRlZS00MmEwLTQ0OGItOGZmMS0zODE1OWUxMTgxZmY%3D&bWlkPTEwMTQ3NDYmdHJhbnNhY3Rpb25JZD1lYzU1ZTcwNS1hMWMwLTQ5MjItYjEwOS1mN2U5ZWFhNjFmMWY%3D&bWlkPTEwMTQ3NjAmdHJhbnNhY3Rpb25JZD02M2VmYTY5NC0xOGUyLTQ2OGEtYWVhYy0xOGEzZGZkZGNiMTU%3D&pt=gross&stid=5fe9c5b3-7247-4357-a81b-47d625792170&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImYzYTcyZDE1LTZlMDEtNDIzNS04Mjk1LWNmNDI4ZTJjZGJmZCI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.gismeteo.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 170ms
56ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer1%22,%22params%22:{%22zone%22:%22562c275c-99d5-416d-931e-2af05a87a112%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22414b2dee-42a0-448b-8ff1-38159e1181ff%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%22739b6fed0eaf612%22,%22bidderRequestId%22:%2272ff7ece40b534b%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 02:01:27 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
505 B 179ms
65ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22a59e8cd9-62fe-423b-93df-8dd46ab09227%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1014cd16186dc2971ad8%22,%22transactionId%22:%22414b2dee-42a0-448b-8ff1-38159e1181ff%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%22757d41ad1f084ee%22,%22bidderRequestId%22:%227469aa1e1b761ef%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22992a8906-465c-43f3-94a7-f1925a5931d2%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[640,250]]}},%22adUnitCode%22:%22div-gpt-ad-60db1053cd16186dc2971ad9%22,%22transactionId%22:%22ec55e705-a1c0-4922-b109-f7e9eaa61f1f%22,%22sizes%22:[[300,250],[640,250]],%22bidId%22:%2276a8933f78f10c2%22,%22bidderRequestId%22:%227469aa1e1b761ef%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2272bd4b55-3db2-4cde-919a-6045c3eb9e9e%22},%22userId%22:{%22pubcid%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22f3a72d15-6e01-4235-8295-cf428e2cdbfd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250],[300,600]]}},%22adUnitCode%22:%22div-gpt-ad-614315f45f18840a44c3a980%22,%22transactionId%22:%2263efa694-18e2-468a-aeac-18a3dfddcb15%22,%22sizes%22:[[300,250],[300,600]],%22bidId%22:%227756085707b55f4%22,%22bidderRequestId%22:%227469aa1e1b761ef%22,%22auctionId%22:%225fe9c5b3-7247-4357-a81b-47d625792170%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22setupad.com%22,%22sid%22:%22945%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F%22}

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 02:01:27 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.gismeteo.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 200 z Show response
s.znctrack.net/ Frame 326A 102 B
451 B 98ms
98ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 0cf3e7f7e3fc1d9339776b0421165d1df19c82be51316ebabd4c8025e3ae22f7

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 58ms
58ms XHR
text/plain 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gismeteo.ua&pubid=fb12f96a-c574-4c9c-aae0-d4c14e79bb3f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 21:43:45 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
server: Server
age: 15461
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gismeteo.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: xkRLodgomS94GCtuo0ssDtLc5HHubbYFgnB0dIIVuNA1LCRHl_Ao4g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 92ms
91ms XHR
text/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&pid=yQLeG0962k7s1&cb=0&ws=1600x1200&v=8.1.0&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-60db1014cd16186dc2971ad8%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_300x250_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-60db1053cd16186dc2971ad9%22%2C%22s%22%3A%5B%22300x250%22%2C%22640x250%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_640x250_middle%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-614315f45f18840a44c3a980%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21802255954%2Fgismeteo.ua_300x250_bottom%22%7D%5D&pubid=fb12f96a-c574-4c9c-aae0-d4c14e79bb3f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-78.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: JG2MAFKEERAQ1HTP86KF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 90EDFRxPaHBH570A_4SXFgH53804DqdPpCDkY84JgCpZMC8b2MUNMw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 172ms
57ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:43:37 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 44271
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: p4ua29x_KrubhUv2dIZflVsQoVZxidsCrcei2zTNwZIfdcas-WM6FA==

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
60ms Ping
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.gismeteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 checkmark.svg
static.gismeteo.st/assets/icons/ 169 B
896 B 338ms
338ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gismeteo.st/assets/icons/checkmark.svg
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ngamg/assets/bundles/desktop-weather-9edaf44ba66d4599bcb6.bundle.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df94b012428d4a6fdae47f60cf86ffc6eb3e3d115ba5a3e71a287f78b35074db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: b49b9f2b-cd47-4978-9a34-0d39ff97cf01
last-modified: Wed, 29 Jun 2022 12:57:25 GMT
server: cloudflare
etag: W/"1b71e1c78d20a8e58d00da0f8828469b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNyq9lXosaCfRxdR5s7sHJDfqJGNNpXJvOPidVhduZFJODQyDEGUWyQpieiKSGVQ7%2Fw%2F%2FLVFt7q1nfBxdUP3e5YFPjqXq1GmxauW%2BOOHZOHIFj3Yh7%2FcraKz3sBoaQNQwo3PpQ8vTNjSy7yE0eC6f5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1656507444.30036
cache-control: max-age=5356800
cf-ray: 738d622b0c4c06d5-LHR
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc706da7708489e7e72f770c368ad6b362f7b8be58eb221699df21b97eb8fb80

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75d19b9bf5745d06ab4472468c07fd174802282448222f92bee9d8cc0319116b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 537 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a174b4bf00eb83e8211d8425b45e6785b1af25b1d7df7d731cafcb37dc580e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 180ms
55ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 11 Aug 2022 02:01:27 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1151
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ Frame 326A 176 KB
55 KB 60ms
60ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:08:58 GMT
server: nginx
etag: W/"62e28a6a-2c101"
x-cached-since: 2022-08-11T01:57:29+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 28 Jul 2022 13:20:15 GMT

GET
H2 200 xgemius.js Show response
galt.hit.gemius.pl/ Frame 326A 57 KB
15 KB 77ms
76ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/xgemius.js
Requested by: Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 9709536c63c0fe7d46b59bcbdbd32a33e8201d32316674a742d003c767b2e2b9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Thu, 11 Aug 2022 14:01:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 217ms
63ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gismeteo.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 201ms
62ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gismeteo.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 88 KB
28 KB 948ms
833ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3539295530524129&correlator=2568244956293174&eid=31068854%2C44770638&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21802255954%2Cgismeteo.ua_640x250_middle%2Cgismeteo.ua_300x250_top%2Cgismeteo.ua_branding%2Cgismeteo.ua_300x250_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=640x250%7C300x250%7C640x260%2C300x250%7C300x600%2C1x1%2C300x250%7C300x600&ifi=1&adks=2829782640%2C2373899931%2C3626824864%2C3942581656&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26hb_size%3D300x250%26stpd_pb%3D0.01%26hb_adid%3D83eaebbfdc13854%26stpd_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%26hb_size%3D300x600%26stpd_pb%3D0.02%26hb_adid%3D7867b920ca55e48%26stpd_bidder%3Dappnexus%7C%7Camznbid%3D2%26amznp%3D2%26hb_size%3D300x250%26stpd_pb%3D0.03%26hb_adid%3D81f6649daecf55c%26stpd_bidder%3Dix&eri=1&cust_params=g_temp%3D10-15%26g_lang%3Dua%26g_page%3Dindex%26g_city%3D2433%26g_country%3D51%26g_region%3D614%26g_weather%3Dsun%26hb_rf%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1660183287722&lmt=1660183287&dlt=1660183286435&idt=742&adxs=310%2C990%2C-12245933%2C-9&adys=1038%2C275%2C-12245933%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.gismeteo.ua%2Fua%2F&frm=20&vis=1&psz=660x270%7C320x270%7C0x0%7C0x-1&msz=640x0%7C300x0%7C0x0%7C0x-1&fws=4%2C4%2C132%2C2&ohw=660%2C320%2C0%2C0&ga_vid=2000690116.1660183287&ga_sid=1660183288&ga_hid=354308182&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

23fe442d4eb490d0275f3762703b2b184dc437109cb29ff093b7a849c16785c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28903
x-xss-protection: 0
google-lineitem-id: 5691258938,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349279028,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gismeteo.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 186ms
71ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb005091457dea1b78131f21eaf6f3718f7a11085501cd0b9ab65448a08fad1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11051
x-xss-protection: 0

GET
H2 200 container.html Show response
9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1733 6 KB
4 KB 207ms
61ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:27 GMT
expires: Fri, 11 Aug 2023 02:01:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2728ms
2588ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:01:30 GMT

GET
H2 200 fpdata.js Show response
galt.hit.gemius.pl/ Frame 326A 269 B
342 B 76ms
76ms Script
application/x-javascript 79.137.68.72
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galt.hit.gemius.pl/fpdata.js?href=
Requested by: Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ltx1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 1ac2ae1f962434b4e47f41cfd67e8fac8c19442cdc4176cb44621698d0427062

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 269
expires: Sat, 10 Sep 2022 02:01:27 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 204ms
62ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:28 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Aug 2022 02:01:28 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D2CE 15 KB
6 KB 67ms
67ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gismeteo.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:28 GMT
server-processing-duration-in-ticks: 1867
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 214ms
106ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:28 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Aug 2022 02:01:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D2CE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=gismeteo.ua&sn=ChromeSyncframe&so=3&topUrl=www.gismeteo.ua&bundle=6ygLil9wR1lzcGRJSDJtTVZNM0YxNHFIVWtpS2xQdzg1bWt6MTBMeTlxTDhuekVGaXJ5T3BY...
https://mug.criteo.com/sid?cpp=-GOGQHxKRFFqNVpsMUhiSzg1Rkh4Vzc0R0RuNE9ZRmwyY2xybVpDdHRwNGVYRjVUb0FCaUtnbGpDOGdmTWFodHlMOU5SOVVVbVRqYTREVHJIMHhheDJYUmI4VnR3MFFzV0RKUVQ5RnlKMnhCUDI5aUl3ejdYdzRIMFdVeW...

417 B
628 B

60ms
60ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-GOGQHxKRFFqNVpsMUhiSzg1Rkh4Vzc0R0RuNE9ZRmwyY2xybVpDdHRwNGVYRjVUb0FCaUtnbGpDOGdmTWFodHlMOU5SOVVVbVRqYTREVHJIMHhheDJYUmI4VnR3MFFzV0RKUVQ5RnlKMnhCUDI5aUl3ejdYdzRIMFdVeWkreHorR1lHMDZvbkZZU0hLY2FwQ1Z6N0twcVc2VGx4RHRWK1BBU0V6SUo5enZqNnpKS0YwZUgvYitqOUNIVXhGSU5XYUZ0b052Smh1Q09IcVJKS0Q3ZjFpTURaNkphWE1vK0t2QkgyWklRZEtPSUpjZzJJTXJ4ZUsxQkJyb2MzZ0l6QU00MkFySXlTWVZuUHJlWnZJOXgwOUNocWh1dz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

953420eb86aa77be590c2525f9a075dd344165d078f61fc5406a423dff6690cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:28 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4577
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:28 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=-GOGQHxKRFFqNVpsMUhiSzg1Rkh4Vzc0R0RuNE9ZRmwyY2xybVpDdHRwNGVYRjVUb0FCaUtnbGpDOGdmTWFodHlMOU5SOVVVbVRqYTREVHJIMHhheDJYUmI4VnR3MFFzV0RKUVQ5RnlKMnhCUDI5aUl3ejdYdzRIMFdVeWkreHorR1lHMDZvbkZZU0hLY2FwQ1Z6N0twcVc2VGx4RHRWK1BBU0V6SUo5enZqNnpKS0YwZUgvYitqOUNIVXhGSU5XYUZ0b052Smh1Q09IcVJKS0Q3ZjFpTURaNkphWE1vK0t2QkgyWklRZEtPSUpjZzJJTXJ4ZUsxQkJyb2MzZ0l6QU00MkFySXlTWVZuUHJlWnZJOXgwOUNocWh1dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3662
content-length: 541
expires: 0

GET
H3 200 container.html Show response
9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B46 6 KB
3 KB 162ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:27 GMT
expires: Fri, 11 Aug 2023 02:01:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 04A7 6 KB
3 KB 154ms
56ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:27 GMT
expires: Fri, 11 Aug 2023 02:01:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9B46 22 KB
7 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 11:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Aug 2023 11:14:57 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 9B46 26 KB
10 KB 173ms
50ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 8874
age: 13965
x-jsd-version: 1.13.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA, cache-lcy19274-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVQPKw8sDklKcYQORzMrGKgSq2KSQgjTOL1F9wUAfSlkKHAkB3C%2FsOxqP%2BFCA7MQNEValvZ3xfq5tyIL0NnwCy%2FCupRfCfIaLYIcJoojkwhhiI3L2xMFlU9RJfLy2spBnSo6CFuLQVAgAwBVfIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 738d62345b1976bd-LHR

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B46 140 KB
43 KB 179ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:01:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 292D 624 B
975 B 183ms
64ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNXAxNBXo8U6GoGww4McyN0iMaRDdcEj64qQbnO4-3N1Z-C1cWy4iOJQJEHc0wf1mQlRPzDXGAnOypmc_CHMY4TTjajhJdMp-fAyy4anIY7Zaznl7W339d3yHt9w2PSRfdgpomEOTdTWb3DguApR_6oc2_utSJL4p6ZO3DV5FctSk5JGqLg

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:29 GMT
expires: Thu, 11 Aug 2022 02:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 04A7 14 KB
11 KB 202ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvTO7Y7B5PwBUkmkSBqROWxqSAf-qnQr8UqLGMwq0ftWWW4nThPPZLgzNMUNLSe6Rr5SQwb2cPZ-7RI49TpyCfp3cK5pHqGJyBlOmOMW6QIw2q0ab_s0s2e2j2VrKvya9AHaSEzWp7i8GbYeTsAn1Sqfh3Fg&cry=1&dbm_d=AKAmf-A4WdHYoDDdgfUI_HJ3Eh4j_l5ss4C3qMfbaAcUeNS4MXreJ1xfrvCWzSU376ZXKFAptrAUV09kmInl-AYfCrdJVDtjAJZTi0_-GLDqW-QB5MVsfIycWYV3sSqayxfls24EIRoCiCl3uGyUxZAUK4zd7x7I0hAGldOLnE3Fp1uekgcTqPJI-wDqyl2S35kUvk86_0DGnODRYjlNFyvYnjwnzgt3pyauHLQLaxtFduEtqWGcEWp2J_l3dkirm910uOf8CcoR71ESgaGNlMMvSf7wu2_RI4jS3I2BfMIsQGN2aiwHP24kBl0TzVqskXesVQXJL5-DztsYH2oXYqY9lznOOyNZnRHMrPnkeoWbEIT9KIkO3OIuY3CbpKO08J1DtfiVvhc5-7j14J1HPtNxCRST4p_7bK59J4B41iG25aUlF8Pk8asfhc-N2FRBVtn4rTQaiOpg0yvqZyhr1-aRnMfKYykacgVwnO12wL-eDWBFm1dO4BJDJaDatQclVPI_df_meaz4Do7SVacVZAkrAO-MCf0XdqQVE-GUdiI7wTlK51d8zAjTrhBuRo7KFnb9O33AsCfMULI4YK59IUvMP5HZoznWsXtbjDPW_xywxd-IP4fmvM4J9jYtRKtqnMq30oT-DBXR3tQOYD0GeWKrrIyuF6yn-ztld6cCdtHJTcdvu55JoZS1JacpfaP04jM-BbjWsjtDmtrG9JVvuIelb7CaSinekWbv3PrLukGWh0Lavzl3DUXdKO4U3rOGPhdhVKzBFBeYhvjw0QmVIvKr_T0Ym0x2I6jV8arGtE4YmdCOUc11pviF1WoZ10zER7mjPJ0I7sYPGo5gqpJMC9Fbb5MaGu_48A8emTJ5Gk0OwDMhF04gugwXftmAXTOPoemNbUPp8u-cshoD5YXPWtq3basLV3L7uf8VBBx4cAAtr-wlta0LX3GUYY7g0EAWQZhgqr-vqyMoHaxL2dD7eFeaOzbIIal3BZu4V8NitLRNlakBj5AF2bXHTBuhtkj2LWVxN9ikZYavM0pWKX-VnCTlkV_HC2L44ppKrHH-1Yv95WfkPcVXUbGo8vQj5TIHMldUQfAOEpskuc4cpmobvfNmCLZp-AUrH3Q_zOWBIa6GKRCFm7h8Zs_E8SainSJ2ONbR5mSxx3SfrjjE6cbdvbmMdSB-kQvxjZYEGvn_TMMjuXpsAQmKoTdraPwb6W_rHlIuuLeS06BCooBY9LY1aynACk1MuB6ov3cTqcCJBwYqd14JH5ofeaPIRjsmhh9ab69E2gwuNYJ6AkE4s4rTvj0VKs_WiV47oPp3mQCYzlw5Rv2EqUkMdqA__bVJDnjWyPTkam_3XYsxlOJv-CnO8QULu63e6kCfrMQ8hzfs8qCvFN4iqCC6EmXv1rkfv59NM1s9EoLcbbb9WmxPr6vdqIAhDXWCeX4msmynfNaMPu5UsXOjU4Jr7YX-JArKkIs8-B77zGziQpKsx3IHSXevcal7TQ1Jg7IcCyfc3ACv0gS4vovNE3LzD6T2uLkI0LEKChxgSzqvhEIEzpMK8_1s9IeIsrO2F0orJXpXGAUse2iYhC_aq2j0mGVWruu404K8QPrbjaVnr3VYU6FEj9urKz0rh86abQcWr7ac6s408qZ_m-aoKP6lCrsLd_-O9uvxW6i3cV7FmQv3CbJSnVUoYH1qf4cH1ZTUB6m8WZSoXJVnV-jt0om8aab9SR0VJhaWQu4N1KkkDUrlTNscrzkvCcJtNMlPybflqu384JrHblUs8ON7dHQXmiiswK3xvknPr2ygA8UQnXTJY2WwGAxFKwbz5RAZWYiPfegr-mHglypFAYbjoR12ku5tvYIVhfPteHueDtKwd-32nZ4sS-n1p3OR8ZI9wynni7CLiMfqYSMN4PYEViyv6aUCHsXbF608PcOMGrkWrTFYrR-VTFwe7Xx2CuR_gT_KQ7YoxDZSmBq5-R1u_nOojlaTKnuor0gdCZSB_JxE_BQYLpwgRr9vjAad-hFzh89uiFEksbirZCnhRySD1oh_Cd952XIHlCkK1pG7Ow9gm2OaCb4q5DZ3zhryHf8VqAesiOiVTzhlSIV-T9ua4xHGepRRQmTy0VUO2_Az8xBZQyb9KP61w7GBMGhfbiAILivLuz3SaVp1FfhR-XpfcQdmd3KvMPInmU4ChGpDDmDGp183UTnWBd0q5bbmijH6NxRa3cYSAqnRyytf7Qp6A6QGK5F6X0GflDaCxkzM1fuwvHBuIW0j2zTq7rPymhpbmARDa2Syv2gqnaDV1Uj35WHuo8p2UOjHP8mZGwU754mRXINeQXJ7-EoB_2ALN2MkmOzT2_MGh8yCLbeBH8HGGLeSMxEYzgas4IsuoLf1VdsnQfSUEdV-jUTeUGnPdQLqpD5Z64Ur6DT-FoXRtAWF4LndEsveqvha49ZjN_PiMZXo3Ri1RWWsDToGsoe433Zt13XEa7QxeeK6OwkPcV-i1CHqNJDKzyy-IV4YMoBmtMSKP5aJPXRaZQMjnE79WrkkyUeFq6_L2Nk4KzLSoG2PbIgTEmbujfcahjEeLoPU1iPrE3xbSJLfMW0Wy6SW9sC8bc2b1-RYMokE5-4dDnV0HSDjstQalZbf_e288dKkg7Q0Zc4ZqgGgQHIIoHO4-xZ8y3Iq5df4MOC-0U9AlNEcqB0lVATTt4F3Tj3_iHYpz7YHYOwP7ajWfMwLPil9R7zh4y78p0sFGFP_uCpmN-74jpWbyn8&cid=CAASJ-Ro5SXlApve1Y_h7GWhMkOydZsdUpBXTE5PFuHIWB-WBzvfyejAIg&rfl=1%2Chttps%253A%252F%252Fwww.gismeteo.ua%252F%240

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75e9a9ef55c4e393993a0639611b68581b6acec37a51c4688e7485e0f510eef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04A7 42 B
63 B 196ms
88ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0bokhaFMbSvN5Oh8s-8QOyz5DjLZPOy_74pbKBfyv0HaDX9PSH6tAv5Ae7j61MWbEwek1PMLwboVO_mwwarwTB7MaFYzF3VZsdyF9HKbW8ZqeEy0

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1103447/64557513/xbbe/creative/ Frame 04A7 243 KB
73 KB 189ms
56ms Script
application/javascript 52.19.54.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iBN1PX-XQbhvrdsHsx-XE5_o9POcmzukwsahe1tDPbGQ5xSZCbhSohHRV8DXOMTgGwm2lsxJYsMKBzaYxvedDdfR_7NbEKTqjCI_w7iEqkVAKAmf-DQUZp1M6LbqRSk7IRcxb1Z69gY8FZhh_cWSUa2bTI7YO0RBUG4IFaI_cC6d7_OtrWQw_axSyDjAyGzAU0o2wtKmtfGGml8mEYzOt-hwbz6ZEwW7O4qFsHi7i1hxqVl6_2n41ihdsH565yKTSQE2WxnyN2_F9er3-NLF5rtJB_Tsq251ZdPGlWxoSot03JdVYlVCY7ErUn5vxgcxjKj0GmZiQaupt8mRQNdZIMKqixcv2R3xFIZbZjZiZ_SZuQWvDRyCsNHQaQzkjI-g1pdec70VTgiwSwUCIRwkBVt7hFbN0zDCu7zoAVuQvg5BAodYfLqkMzN8yZ8xoCtjM87OrZeVuuOwxL9IoOsl6x2ZH5A5EAI1qG56orVNVL1DTJ4P5PNCykUnONj7qiaLzTQWawI-rlJQmT3xYzWlXF5D_DkxjBdOhobyn8tElGIYOTxRIRDa6F0-m3NjjbiTORCG2VnoCk10PenZRlXO-sZDa0_cz5OxGMpdvmnQ9gnm8OvnJ5ZvaLRa35cJjrSWyTdQqEbncCFk3Jn2j3tknbUQyi8Z4584wWU2QfsJm8IuIf1fxvaDp0mLKscgcAMEhuE85gPT3rzVxQqbT2pqwxJMRcv77XT2Rud6Lb0uXSJWwc8PVEQLvKX2vVsNkRfWXNIrrthIenS10L2qay3PfEentlnAvx2eQf9Fz5oVPnoOOh_1p-rQhCbU7gR0ZVatw1bg2Z-ZwuF7J8vpG0fl8skUsp6R9CfHad8b3ofQ7-MhI6bqdZoWVLc8WRpsvB8LKKJd4wiixsP8oYNxcAEtoOAVzpkNdtXZBmGbsIkbEJuEZDI-oCEcIjNb5DEH6o_V53BvHQ_w83eWUOaNuZaT_pQNcTdRvL0xgOqh_d03quV0qUpZOZ2drId9fxozWbQeKhi85A11VC3dL34uBUu9-GgMvNK_AdlOXBCRYghpK-KmkAfmcAIB7ef5Nk5782sfVx6cSBVIa2cHvo6l1CAZAdWQwFLJuPYAZMuBBH7tux9j51tzw53FqS6Nb96UoKVq4MRQHMcfLKOq1KY4nX1kpyw4enTr_5rpFOeKi_j3eOm4TTRHz2-b7VbbF1M79kQlJmmuYtwBfyePgwgWi_oVu_kaGzH6BwnfNZ1vpGasVM552cBV6IXvM6ahALtOS1j3APgvWHiMGCBqlSyjBSaNeuxYzvcfjV9qHMs7isNnncNqz9A61AyjtuKRzo-Dml5TaIWsrO7f4Y1BFx8FdrMkrLiCe2KdTpXu__DZChKMvbTRwYYra-ll1tbd7R1sE4vk21gvMAbF7yUniWyROJqHEoEEFLaKCse0zJVumyHb4aduHQ-iAJNMfrOxclW_bNh398RbbBIYu9S5ns30-2XkxAj3Vp7ZG8QObpg-gy0Vcc404GYFs-xORj6aqhhkrC0_6szh0PMcswvfVd0aOpEFKgsDXn6pCMlyYRZiLX_0cZFc-KPqjF-jSbSYA07lGFP30Pyc-0AQscFk3_aCCSOlCkbwKfWpjUzi5kWURAei1IXVfnEp-Y0pGTR01mnCqMLk2a60-cXCx2nZ69y78b1HpfuuK7eb2CKDKx7CtY7scR2tvBaOMj2EdtZGEFv00ZyRZxn6L4PpV8fLx9TstHWVy3qwsGpPQELFnhor31aACwxlzawKjK0skmQcEY4KmPsqHqyuFb_-oHjKliMo44zoJx_C_yW6T75A2ilFN4D9J0-jq4yFKb54Tp5scJSLdo0JW2W5l4g4quc5BkPNj3dGFWWWL3_iJo3UFhNUHfsMC4HtyJAi42hfgRgQYMH9AuZiSxWxlGrT9KWMY1FaBdjWrhCBE9njZ9PFbjVP-NpantshS3mslMWOxmnCfVsVYUDSXZfT0jvC5y2uXoIRDNvcYs95AI0UWDHcNvQAduws6YYB-GKMR2Eu0eV-qQFhPKU5PQui5A3xHr-zbkqt-qzHe9flNg-5s_AWSZc-z7y9z7_iJNjLIkf3HjqjqKuCtX5x16vdfl-66WdU2_8xPvG3jZlRgi_BSnh0x_6VTl5N2wggpA98WnHEF9c247pYfURQP_CnoXkEb-nGiyuxs5ggixXzbLQ60BEb8-eZzGrhyvGU_wyGDsyaqmD016VBan6CWndfFVoLQfkBoQczhbEBYs2cSeRkSV9j3cvUsWbdNMPfnt3UBySX3RqvbjhQ-sVHo3QKhdjDK0MWXmR-StDU30uUymB5_QbeUl5PbTlU1lg94YhwBNTFouxyaJ8X2uu1axovvgK92NGx0JG4ViNonyzIzXwoJMlnnymmPKaiTLZCnwkTIias3AFjp7cs7TAi6bX4PGuGCkYYRVQ_Y4qsog9Jb4pK1HbGAzFSaVD3Lwpn_4f_6qQJYsWLj5gzyIIuWS4KnxMOw1wOFwhFI6skN3uzqNPLA1zX7imZ70uVmvK4MCY7HwqQGHiL5mMQ2S8xu9kcdZhYg1lRGN65VyU4RNWzHS8PKA21UCtISQ7Uockcb2xOQpUhB5B0CwpNYSCGD9mTjMj7sPG_5zNtlx5Q5jdTjnMi01EYj_O2cMq8kfyO2vFvS3Mm9OJs_T8DOPbkJTR5te8MQxpCcsOlRthExj7LLpOBcMRXP135pHWox7rmHjd71RWXnmyoKFmCxUBaM9LNeClM88JsT-QNEgR7uv90wOezQu-w-gdt4c6V2S6FI2fo8vUM0Bs0jd8TvXdBqLjbMwXxkVFHF6LftXYCVf98lyQh2FUcD0qYFzksT7P2T7VSn2_XSUA0jjMAddCwi0HtQWLK3XI6H-DkNzGaz4riowhqYzSLeyrn5rp0tmQmE6C95clygmV3Pd5zdka0_gCv9K95N9k71fnINubAhU01Sw_8C_z5YV92AC14VhbINCn7a3A7Go6IASPIAoqjFHLDu_5eoieuqYEyiSOWXraugKiPupVXJ0f3WAVP0v9fXm1qi6b5tzsIaadjuiJ89mDbmEzc2eboo07VgjKPBfFTwk0nKvB34gKUM0aYVWCIiHq0VtsCK6q9SuSyIqLWjpLDEtcIDRu9qxSOsUBZ5WTkGKHhMyD3BbEpk0kK74jFCRueCaQLsGmfGsGg3GbnLHMxDOcaaN8XamUDMly9v5niFnrF0cEi5E1PuOrxAjE6bX-yTFs0meFV4DxKZIlMcJhn7VurAtxDAhJ24T_oLVWfgipJrPC0J3p6i6fG21qf9hW4y3cbXChT5oF5pjmIrURGGf69Odbn7tlDIEAINU4S9jEfXHyivwENRnc2LOh0EwEU1aiuwh11X73AGviXxsTvGT3Z8Ws5-cUOB2X4XJUuIlVziSyuDUGd8Zq9xhcnFiwxEeA4CR79eDyzdQPmL9W-1O1nonzjLFgr0dBiLmZe6NySh3ysA5D7pn2vDkGPk0BiCRtOKTbwjDo8_gKWvabnr0V3W155Tt7lcWFRyGZ-qPSGu5l4uw52Jwb_r3FyOI14w5XEXaPz4P8MMQ9HAcEpgriBjIjSkdpCZsr8yemTwUpS6hJ0T9rLqfEFl-8dl6RFAoMyLpKqKaRm4BM0ichiGUcl4dRGSf8i7gbIiJ7WY3xj395RMnoeS6Y10syCE6p_YWRo57lxGfxUWSTE0OlmPE8V5zy33DcTEBJHA-Cd9oBtsxwFg4aKwgAEifkaOUl5QKb3tWP4exloTJDsnWbHVKQV0xOTxbhyFgflgc738nowCJgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-0511822087518170&ias_chanId=1&ias_placementId=17668708710&bidurl=https://www.gismeteo.ua/ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ixX_j6L01_btP_fHWAn1Ow
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.54.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-54-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4f6dbfb32929bcb0632adbe542f5ea5c3477a68df6ccf8aa9d487a66276ea68c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 04A7 3 KB
1 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:30:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 04A7 17 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:23:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 04A7 0
0 179ms
62ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1Dz6mSxcmEYf7-HKyhLcLquO79GXQR03Evxv2JUTbYPJssnGPtRauxs7BJ1axsqnMF_w6T8qcx7JGtpt4kWXt399bhQ
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04A7 140 KB
43 KB 196ms
92ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:01:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B46 0
0 91ms
91ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZGq4-JY-scWFsPJAODIMyZc1UbHm0B11_eSuXXyNERL6MpwJIioHWaf4vIVg7Gw6pgKr54-MrREx8PnSSJv9MZtUCTuBjFm1VcRnl1y_tKL7nPPhpG_lHIdpT28KTlSNDLCo8eUiKpCDxZPCd2xPYDUQwSBVLaN4uLGcRVTXe-PxWSkn3ODzz-dg2Y3hQTcxq7MtZwJwthiJEDmLcY5bEVc74_pu9LYI2oaYQFFm1Eo7AZTFMONxm8CjB8JLG0fbbsFUN5fi0OTYxBQpVtDxde1A_GotbLXZpCACipd4nhqYWe0vxGL_-x26IOZp7pWcpmcUeyyos_2n-gCO_acdVrQ&sai=AMfl-YS3pkSA9HjodT_10CGrQJJSNi-KqDQh_kEqkfR1N2b22oM5uti2nIyD3dbpeyzkGQQfq33tDnGP6S6V99PWgl74Ppxcy2QY70xoFHcO9ZQwlaLgqidMYNMKQ3eKkNVY2g&sig=Cg0ArKJSzC9ZWoVUXWgNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 02:01:28 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
209 B 182ms
57ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 073D 76 KB
30 KB 211ms
103ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=679892651&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://www.gismeteo.ua/ua/&sub_client=bidder-657865&hl=en&aceid=MPlVNAFFWzQBkWA0AflwNAEQdTQBqHU0AcB1NAENeDQBm3g0AfR6NAGcezQBvHs0Ael7NAHsezQBB3w0ARx8NAErfDQBLXw0AS58NAE-fDQBRXw0AVF8NAFSfDQBWXw0AVt8NAFefDQBX3w0AWF8NAFufDQBenw0AX18NAGBfDQBgnw0AYV8NAGPfDQBnnw0Aa98NAG0fDQBt3w0AeprQQFLc0EBU3NBATnIXAInQqoCKEKqAvB2qgLnd6oCgJuqAoGbqgKCm6oCXqCqAqKoqgK4sKoCJrOqAre9qgJ_zaoC3duqAlXeqgLF46oCoOWqAqnoqgJd6aoCFuqqAg_xqgJx8aoCOfKqAnTyqgLz9aoCQ_iqAiX7qgJC-6oCbf-qAuwAqwKkAasCgQOrAvYFqwIkBqsCcwarAv0JqwJJDKsCTQyrArsMqwLTEKsC_hCrAsUTqwKNFasCaRarAh4XqwIuF6sCoBqrAhUbqwJDG6sCfRyrAvYcqwIGHasCHR2rAuseqwICH6sChh-rAqIfqwKvH6sCyh-rAkcgqwKgIKsCwiCrAkYhqwJ4IasCnyGrAr0hqwLhIasCQiOrAqEkqwLWJKsCQyarAnsnqwLMJ6sC4rPFBfBC3AlEb6YPX5z7EsvZ-xJQ6_sSlPb7EjL7-xLnAPwScQH8Epi5UROCLkIU-FZrGg&awbid_c=AKAmf-DKPpBa3eo59DO_EvUUyOu0UNeYy63N87nI9KIvc8ncbRw1MoJm4kGt455KxRiTCepmZnthOBRqKsaXEvUsT6wYccZ2UbG9m92J6XQ1aH82V-Qsgzdd_XGZhcGpilUOlcv7UVDoMn0ptBjD1MOFUJhEOh-9PxUbt0RIoPWVF3pLTdcOjrg&awbid_d=AKAmf-DW1OXVplqOrARtD98uhtSSJvDELHhVKSe1S65S1lz3yj7btJ8ok_rR55l2m2z7ETGoGMhU52E9OoXcgJH_iKYCdfAD0gis4MSVTT-PrGsnzipr5EMarn9Vrd92u7ATLFyrXIB57zMspg6goL8Z9ifeRqNi2dBUOhwTujkB8senIUnvwz_sFlPZg1E11gdEE_u5rB4FIRVaH5zbjh5WoF7WrA7A3ANLf-P9KlAukaedQ0yYRZXBsmHscOfm4ydj_5XWNQi1JpznktSL11Th7uo5ZV7asWTPcW1ELBnsxMNxYU2IGZra5Aryc_MzVcbAhcu4hSlhMUZ006y32kPL2Q8na8UdxNE1193hwuFWRI-aq0miF3ktE3dLpt1vEIEckiLAAcwRZANAB-KaGZDZh1Hzb7EG2Mpi0QR5HQC8XaRqFUQdhtC8yk0OPn9fIdHoZpA4mwLlHcb9oAQy64iA0tGdIbm4wPHZPDl6nnQao_y-rDYAqsjtZFE2ubT9Ka04SiKCoWUImSYn-CwkAnnG1dpJPpHy72KLdaEcND-1uWV0nXPGAYAWuA24YTmH_8AHtguN02KUujZ0r3Jc0YaTcG0auWcN6YQWWaoMvphlvEl4ac8N-2e190WXMamwsXuSzMN-Eh0rIw63uB8XAcLt8CGVfOtWgXRstbaoRGTmuRSl1W7CZ_6EhjfKb8HDv8RBmSgrrmPv&cid=CAASBORo0Yg&exk=2121067367&rfl=https%3A%2F%2Fwww.gismeteo.ua%2F&a_pr=13:YvRi9wAAAAAVmck2pahUnWFzULBJOPxk0ASiyQ

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5fd9ba742c123905aeccd049defeaba15468eef9e9fde8771389f0289344635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 30795
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 2806 11 KB
5 KB 164ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05fdf9059f82368fa058a4fed88c9b56263934d770af68ea301f57f80be88ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1866
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4665
x-xss-protection: 0
server: cafe
etag: 1690156577369591742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:30:23 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.indexww.com/2/974276/ Frame 2806 6 KB
3 KB 295ms
55ms Script
text/javascript 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.indexww.com/2/974276/analytics.js?ac=1859364&ap=&bt=programmatic&cb=6681043333196374366&cr=8409792&de=2&di=www.gismeteo.ua&dm=300x250&gt=DE&md=1&pc=39785&pi=8409792&pp=186102&pv=33fe19e2-7714-4723-bc15-f63fd3761319&si=657865&sr=indexexchange.com&ti=3&to=3&ui=

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-93-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

64c56b1349f1058c78816c89515edc6b381896a8444325e6778f495eb5844c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:29 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2895
Expires: 0

GET
H/1.1 200
OK v1
a1170.casalemedia.com/impression/ Frame 2806 43 B
303 B 173ms
54ms Image
image/gif 185.170.60.101
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1170.casalemedia.com/impression/v1?bidID=0973900e-5d88-4640-ba55-7e12bb832db3&traceID=cbq65trdu9aobe5v5610&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1660183887&ap=0.01&siteID=657865&creativeID=8052c0&pubID=186102&format=banner&channel=site
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.101 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:29 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=200
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2806 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-AGEIFjswOZHwSlEFv3QjRr21A79-AxCkedQCHcBSDskD_Md0NAm_oVSnDjup4-gKVgeIheL2siQdRRi5u9F16SrreH-g&pr=13:YvRi9wAAAABOpbGsC9shfxGCV6HKSH1naau3sQ

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 292D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH_jjOIFX_tzDxQmrRHHlE&google_cver=1

43 B
910 B

95ms
79ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH_jjOIFX_tzDxQmrRHHlE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNXAxNBXo8U6GoGww4McyN0iMaRDdcEj64qQbnO4-3N1Z-C1cWy4iOJQJEHc0wf1mQlRPzDXGAnOypmc_CHMY4TTjajhJdMp-fAyy4anIY7Zaznl7W339d3yHt9w2PSRfdgpomEOTdTWb3DguApR_6oc2_utSJL4p6ZO3DV5FctSk5JGqLg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 738d623648277780-LHR
pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lD0m0R7At%2Bn0NBqP8O0VSQIU3uVc2UpFCeGBN7sgPtzRpTGdqqJAOd7zTL%2B9w%2BD3mPoqVxmonWTArCmrBefDeFPZyXdiDHK8ZQgV5qD73gVfwukA4xWK%2Ft2u%2BpcQIews7utaYcZJY9C65w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH_jjOIFX_tzDxQmrRHHlE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 292D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvRi.Q80HdQ1jKe6AkuqqAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSzRAQjUAaCFhThoBtZdZU&google_cver=1&google_hm=2

43 B
908 B

71ms
70ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSzRAQjUAaCFhThoBtZdZU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNXAxNBXo8U6GoGww4McyN0iMaRDdcEj64qQbnO4-3N1Z-C1cWy4iOJQJEHc0wf1mQlRPzDXGAnOypmc_CHMY4TTjajhJdMp-fAyy4anIY7Zaznl7W339d3yHt9w2PSRfdgpomEOTdTWb3DguApR_6oc2_utSJL4p6ZO3DV5FctSk5JGqLg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 738d623809fb7780-LHR
pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgbLHwVxbzW3EbOee7eYitb3UagdHFeHLVe3O4ZC9FI6wHSmxbPtZnAZF%2BEqWXNAno0hhD493otjqkXP%2Fdxsdf9DwzGVg9uSm4CjStyPF81UQg86v1%2BtE8CNkW6p4pMsxoms3FySESGbXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSzRAQjUAaCFhThoBtZdZU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 292D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2Zr3w2kPAHvUf-g1ggnLE&google_cver=1

43 B
1016 B

60ms
53ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM2Zr3w2kPAHvUf-g1ggnLE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNXAxNBXo8U6GoGww4McyN0iMaRDdcEj64qQbnO4-3N1Z-C1cWy4iOJQJEHc0wf1mQlRPzDXGAnOypmc_CHMY4TTjajhJdMp-fAyy4anIY7Zaznl7W339d3yHt9w2PSRfdgpomEOTdTWb3DguApR_6oc2_utSJL4p6ZO3DV5FctSk5JGqLg

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:29 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c46dad60-f643-4de8-9852-387230ef5f89
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM2Zr3w2kPAHvUf-g1ggnLE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 292D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2NTQxNDU2NTIxODU5MTI1Nw%3D%3D

170 B
243 B

157ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2NTQxNDU2NTIxODU5MTI1Nw%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:29 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f476bb7d-c27b-4902-bca2-ce197dbe494b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2NTQxNDU2NTIxODU5MTI1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 04A7 41 KB
15 KB 165ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvTO7Y7B5PwBUkmkSBqROWxqSAf-qnQr8UqLGMwq0ftWWW4nThPPZLgzNMUNLSe6Rr5SQwb2cPZ-7RI49TpyCfp3cK5pHqGJyBlOmOMW6QIw2q0ab_s0s2e2j2VrKvya9AHaSEzWp7i8GbYeTsAn1Sqfh3Fg&cry=1&dbm_d=AKAmf-A4WdHYoDDdgfUI_HJ3Eh4j_l5ss4C3qMfbaAcUeNS4MXreJ1xfrvCWzSU376ZXKFAptrAUV09kmInl-AYfCrdJVDtjAJZTi0_-GLDqW-QB5MVsfIycWYV3sSqayxfls24EIRoCiCl3uGyUxZAUK4zd7x7I0hAGldOLnE3Fp1uekgcTqPJI-wDqyl2S35kUvk86_0DGnODRYjlNFyvYnjwnzgt3pyauHLQLaxtFduEtqWGcEWp2J_l3dkirm910uOf8CcoR71ESgaGNlMMvSf7wu2_RI4jS3I2BfMIsQGN2aiwHP24kBl0TzVqskXesVQXJL5-DztsYH2oXYqY9lznOOyNZnRHMrPnkeoWbEIT9KIkO3OIuY3CbpKO08J1DtfiVvhc5-7j14J1HPtNxCRST4p_7bK59J4B41iG25aUlF8Pk8asfhc-N2FRBVtn4rTQaiOpg0yvqZyhr1-aRnMfKYykacgVwnO12wL-eDWBFm1dO4BJDJaDatQclVPI_df_meaz4Do7SVacVZAkrAO-MCf0XdqQVE-GUdiI7wTlK51d8zAjTrhBuRo7KFnb9O33AsCfMULI4YK59IUvMP5HZoznWsXtbjDPW_xywxd-IP4fmvM4J9jYtRKtqnMq30oT-DBXR3tQOYD0GeWKrrIyuF6yn-ztld6cCdtHJTcdvu55JoZS1JacpfaP04jM-BbjWsjtDmtrG9JVvuIelb7CaSinekWbv3PrLukGWh0Lavzl3DUXdKO4U3rOGPhdhVKzBFBeYhvjw0QmVIvKr_T0Ym0x2I6jV8arGtE4YmdCOUc11pviF1WoZ10zER7mjPJ0I7sYPGo5gqpJMC9Fbb5MaGu_48A8emTJ5Gk0OwDMhF04gugwXftmAXTOPoemNbUPp8u-cshoD5YXPWtq3basLV3L7uf8VBBx4cAAtr-wlta0LX3GUYY7g0EAWQZhgqr-vqyMoHaxL2dD7eFeaOzbIIal3BZu4V8NitLRNlakBj5AF2bXHTBuhtkj2LWVxN9ikZYavM0pWKX-VnCTlkV_HC2L44ppKrHH-1Yv95WfkPcVXUbGo8vQj5TIHMldUQfAOEpskuc4cpmobvfNmCLZp-AUrH3Q_zOWBIa6GKRCFm7h8Zs_E8SainSJ2ONbR5mSxx3SfrjjE6cbdvbmMdSB-kQvxjZYEGvn_TMMjuXpsAQmKoTdraPwb6W_rHlIuuLeS06BCooBY9LY1aynACk1MuB6ov3cTqcCJBwYqd14JH5ofeaPIRjsmhh9ab69E2gwuNYJ6AkE4s4rTvj0VKs_WiV47oPp3mQCYzlw5Rv2EqUkMdqA__bVJDnjWyPTkam_3XYsxlOJv-CnO8QULu63e6kCfrMQ8hzfs8qCvFN4iqCC6EmXv1rkfv59NM1s9EoLcbbb9WmxPr6vdqIAhDXWCeX4msmynfNaMPu5UsXOjU4Jr7YX-JArKkIs8-B77zGziQpKsx3IHSXevcal7TQ1Jg7IcCyfc3ACv0gS4vovNE3LzD6T2uLkI0LEKChxgSzqvhEIEzpMK8_1s9IeIsrO2F0orJXpXGAUse2iYhC_aq2j0mGVWruu404K8QPrbjaVnr3VYU6FEj9urKz0rh86abQcWr7ac6s408qZ_m-aoKP6lCrsLd_-O9uvxW6i3cV7FmQv3CbJSnVUoYH1qf4cH1ZTUB6m8WZSoXJVnV-jt0om8aab9SR0VJhaWQu4N1KkkDUrlTNscrzkvCcJtNMlPybflqu384JrHblUs8ON7dHQXmiiswK3xvknPr2ygA8UQnXTJY2WwGAxFKwbz5RAZWYiPfegr-mHglypFAYbjoR12ku5tvYIVhfPteHueDtKwd-32nZ4sS-n1p3OR8ZI9wynni7CLiMfqYSMN4PYEViyv6aUCHsXbF608PcOMGrkWrTFYrR-VTFwe7Xx2CuR_gT_KQ7YoxDZSmBq5-R1u_nOojlaTKnuor0gdCZSB_JxE_BQYLpwgRr9vjAad-hFzh89uiFEksbirZCnhRySD1oh_Cd952XIHlCkK1pG7Ow9gm2OaCb4q5DZ3zhryHf8VqAesiOiVTzhlSIV-T9ua4xHGepRRQmTy0VUO2_Az8xBZQyb9KP61w7GBMGhfbiAILivLuz3SaVp1FfhR-XpfcQdmd3KvMPInmU4ChGpDDmDGp183UTnWBd0q5bbmijH6NxRa3cYSAqnRyytf7Qp6A6QGK5F6X0GflDaCxkzM1fuwvHBuIW0j2zTq7rPymhpbmARDa2Syv2gqnaDV1Uj35WHuo8p2UOjHP8mZGwU754mRXINeQXJ7-EoB_2ALN2MkmOzT2_MGh8yCLbeBH8HGGLeSMxEYzgas4IsuoLf1VdsnQfSUEdV-jUTeUGnPdQLqpD5Z64Ur6DT-FoXRtAWF4LndEsveqvha49ZjN_PiMZXo3Ri1RWWsDToGsoe433Zt13XEa7QxeeK6OwkPcV-i1CHqNJDKzyy-IV4YMoBmtMSKP5aJPXRaZQMjnE79WrkkyUeFq6_L2Nk4KzLSoG2PbIgTEmbujfcahjEeLoPU1iPrE3xbSJLfMW0Wy6SW9sC8bc2b1-RYMokE5-4dDnV0HSDjstQalZbf_e288dKkg7Q0Zc4ZqgGgQHIIoHO4-xZ8y3Iq5df4MOC-0U9AlNEcqB0lVATTt4F3Tj3_iHYpz7YHYOwP7ajWfMwLPil9R7zh4y78p0sFGFP_uCpmN-74jpWbyn8&cid=CAASJ-Ro5SXlApve1Y_h7GWhMkOydZsdUpBXTE5PFuHIWB-WBzvfyejAIg&rfl=1%2Chttps%253A%252F%252Fwww.gismeteo.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
DATA 200
OK truncated
/ Frame 9B46 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dece32ab40024a03d2cac85f4bc3f2405d3879e33c112a996ed91948ac0c6d4d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 04A7
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iB...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iBN1PX-XQbhvrdsHsx-XE5_o9POc...

65 KB
23 KB

268ms
108ms

Script
text/javascript

64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iBN1PX-XQbhvrdsHsx-XE5_o9POcmzukwsahe1tDPbGQ5xSZCbhSohHRV8DXOMTgGwm2lsxJYsMKBzaYxvedDdfR_7NbEKTqjCI_w7iEqkVAKAmf-DQUZp1M6LbqRSk7IRcxb1Z69gY8FZhh_cWSUa2bTI7YO0RBUG4IFaI_cC6d7_OtrWQw_axSyDjAyGzAU0o2wtKmtfGGml8mEYzOt-hwbz6ZEwW7O4qFsHi7i1hxqVl6_2n41ihdsH565yKTSQE2WxnyN2_F9er3-NLF5rtJB_Tsq251ZdPGlWxoSot03JdVYlVCY7ErUn5vxgcxjKj0GmZiQaupt8mRQNdZIMKqixcv2R3xFIZbZjZiZ_SZuQWvDRyCsNHQaQzkjI-g1pdec70VTgiwSwUCIRwkBVt7hFbN0zDCu7zoAVuQvg5BAodYfLqkMzN8yZ8xoCtjM87OrZeVuuOwxL9IoOsl6x2ZH5A5EAI1qG56orVNVL1DTJ4P5PNCykUnONj7qiaLzTQWawI-rlJQmT3xYzWlXF5D_DkxjBdOhobyn8tElGIYOTxRIRDa6F0-m3NjjbiTORCG2VnoCk10PenZRlXO-sZDa0_cz5OxGMpdvmnQ9gnm8OvnJ5ZvaLRa35cJjrSWyTdQqEbncCFk3Jn2j3tknbUQyi8Z4584wWU2QfsJm8IuIf1fxvaDp0mLKscgcAMEhuE85gPT3rzVxQqbT2pqwxJMRcv77XT2Rud6Lb0uXSJWwc8PVEQLvKX2vVsNkRfWXNIrrthIenS10L2qay3PfEentlnAvx2eQf9Fz5oVPnoOOh_1p-rQhCbU7gR0ZVatw1bg2Z-ZwuF7J8vpG0fl8skUsp6R9CfHad8b3ofQ7-MhI6bqdZoWVLc8WRpsvB8LKKJd4wiixsP8oYNxcAEtoOAVzpkNdtXZBmGbsIkbEJuEZDI-oCEcIjNb5DEH6o_V53BvHQ_w83eWUOaNuZaT_pQNcTdRvL0xgOqh_d03quV0qUpZOZ2drId9fxozWbQeKhi85A11VC3dL34uBUu9-GgMvNK_AdlOXBCRYghpK-KmkAfmcAIB7ef5Nk5782sfVx6cSBVIa2cHvo6l1CAZAdWQwFLJuPYAZMuBBH7tux9j51tzw53FqS6Nb96UoKVq4MRQHMcfLKOq1KY4nX1kpyw4enTr_5rpFOeKi_j3eOm4TTRHz2-b7VbbF1M79kQlJmmuYtwBfyePgwgWi_oVu_kaGzH6BwnfNZ1vpGasVM552cBV6IXvM6ahALtOS1j3APgvWHiMGCBqlSyjBSaNeuxYzvcfjV9qHMs7isNnncNqz9A61AyjtuKRzo-Dml5TaIWsrO7f4Y1BFx8FdrMkrLiCe2KdTpXu__DZChKMvbTRwYYra-ll1tbd7R1sE4vk21gvMAbF7yUniWyROJqHEoEEFLaKCse0zJVumyHb4aduHQ-iAJNMfrOxclW_bNh398RbbBIYu9S5ns30-2XkxAj3Vp7ZG8QObpg-gy0Vcc404GYFs-xORj6aqhhkrC0_6szh0PMcswvfVd0aOpEFKgsDXn6pCMlyYRZiLX_0cZFc-KPqjF-jSbSYA07lGFP30Pyc-0AQscFk3_aCCSOlCkbwKfWpjUzi5kWURAei1IXVfnEp-Y0pGTR01mnCqMLk2a60-cXCx2nZ69y78b1HpfuuK7eb2CKDKx7CtY7scR2tvBaOMj2EdtZGEFv00ZyRZxn6L4PpV8fLx9TstHWVy3qwsGpPQELFnhor31aACwxlzawKjK0skmQcEY4KmPsqHqyuFb_-oHjKliMo44zoJx_C_yW6T75A2ilFN4D9J0-jq4yFKb54Tp5scJSLdo0JW2W5l4g4quc5BkPNj3dGFWWWL3_iJo3UFhNUHfsMC4HtyJAi42hfgRgQYMH9AuZiSxWxlGrT9KWMY1FaBdjWrhCBE9njZ9PFbjVP-NpantshS3mslMWOxmnCfVsVYUDSXZfT0jvC5y2uXoIRDNvcYs95AI0UWDHcNvQAduws6YYB-GKMR2Eu0eV-qQFhPKU5PQui5A3xHr-zbkqt-qzHe9flNg-5s_AWSZc-z7y9z7_iJNjLIkf3HjqjqKuCtX5x16vdfl-66WdU2_8xPvG3jZlRgi_BSnh0x_6VTl5N2wggpA98WnHEF9c247pYfURQP_CnoXkEb-nGiyuxs5ggixXzbLQ60BEb8-eZzGrhyvGU_wyGDsyaqmD016VBan6CWndfFVoLQfkBoQczhbEBYs2cSeRkSV9j3cvUsWbdNMPfnt3UBySX3RqvbjhQ-sVHo3QKhdjDK0MWXmR-StDU30uUymB5_QbeUl5PbTlU1lg94YhwBNTFouxyaJ8X2uu1axovvgK92NGx0JG4ViNonyzIzXwoJMlnnymmPKaiTLZCnwkTIias3AFjp7cs7TAi6bX4PGuGCkYYRVQ_Y4qsog9Jb4pK1HbGAzFSaVD3Lwpn_4f_6qQJYsWLj5gzyIIuWS4KnxMOw1wOFwhFI6skN3uzqNPLA1zX7imZ70uVmvK4MCY7HwqQGHiL5mMQ2S8xu9kcdZhYg1lRGN65VyU4RNWzHS8PKA21UCtISQ7Uockcb2xOQpUhB5B0CwpNYSCGD9mTjMj7sPG_5zNtlx5Q5jdTjnMi01EYj_O2cMq8kfyO2vFvS3Mm9OJs_T8DOPbkJTR5te8MQxpCcsOlRthExj7LLpOBcMRXP135pHWox7rmHjd71RWXnmyoKFmCxUBaM9LNeClM88JsT-QNEgR7uv90wOezQu-w-gdt4c6V2S6FI2fo8vUM0Bs0jd8TvXdBqLjbMwXxkVFHF6LftXYCVf98lyQh2FUcD0qYFzksT7P2T7VSn2_XSUA0jjMAddCwi0HtQWLK3XI6H-DkNzGaz4riowhqYzSLeyrn5rp0tmQmE6C95clygmV3Pd5zdka0_gCv9K95N9k71fnINubAhU01Sw_8C_z5YV92AC14VhbINCn7a3A7Go6IASPIAoqjFHLDu_5eoieuqYEyiSOWXraugKiPupVXJ0f3WAVP0v9fXm1qi6b5tzsIaadjuiJ89mDbmEzc2eboo07VgjKPBfFTwk0nKvB34gKUM0aYVWCIiHq0VtsCK6q9SuSyIqLWjpLDEtcIDRu9qxSOsUBZ5WTkGKHhMyD3BbEpk0kK74jFCRueCaQLsGmfGsGg3GbnLHMxDOcaaN8XamUDMly9v5niFnrF0cEi5E1PuOrxAjE6bX-yTFs0meFV4DxKZIlMcJhn7VurAtxDAhJ24T_oLVWfgipJrPC0J3p6i6fG21qf9hW4y3cbXChT5oF5pjmIrURGGf69Odbn7tlDIEAINU4S9jEfXHyivwENRnc2LOh0EwEU1aiuwh11X73AGviXxsTvGT3Z8Ws5-cUOB2X4XJUuIlVziSyuDUGd8Zq9xhcnFiwxEeA4CR79eDyzdQPmL9W-1O1nonzjLFgr0dBiLmZe6NySh3ysA5D7pn2vDkGPk0BiCRtOKTbwjDo8_gKWvabnr0V3W155Tt7lcWFRyGZ-qPSGu5l4uw52Jwb_r3FyOI14w5XEXaPz4P8MMQ9HAcEpgriBjIjSkdpCZsr8yemTwUpS6hJ0T9rLqfEFl-8dl6RFAoMyLpKqKaRm4BM0ichiGUcl4dRGSf8i7gbIiJ7WY3xj395RMnoeS6Y10syCE6p_YWRo57lxGfxUWSTE0OlmPE8V5zy33DcTEBJHA-Cd9oBtsxwFg4aKwgAEifkaOUl5QKb3tWP4exloTJDsnWbHVKQV0xOTxbhyFgflgc738nowCJgAQ

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

5170e4d29c52bf05240882362068874de560cd4f338b9ea53fedd08369eecddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22903
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iBN1PX-XQbhvrdsHsx-XE5_o9POcmzukwsahe1tDPbGQ5xSZCbhSohHRV8DXOMTgGwm2lsxJYsMKBzaYxvedDdfR_7NbEKTqjCI_w7iEqkVAKAmf-DQUZp1M6LbqRSk7IRcxb1Z69gY8FZhh_cWSUa2bTI7YO0RBUG4IFaI_cC6d7_OtrWQw_axSyDjAyGzAU0o2wtKmtfGGml8mEYzOt-hwbz6ZEwW7O4qFsHi7i1hxqVl6_2n41ihdsH565yKTSQE2WxnyN2_F9er3-NLF5rtJB_Tsq251ZdPGlWxoSot03JdVYlVCY7ErUn5vxgcxjKj0GmZiQaupt8mRQNdZIMKqixcv2R3xFIZbZjZiZ_SZuQWvDRyCsNHQaQzkjI-g1pdec70VTgiwSwUCIRwkBVt7hFbN0zDCu7zoAVuQvg5BAodYfLqkMzN8yZ8xoCtjM87OrZeVuuOwxL9IoOsl6x2ZH5A5EAI1qG56orVNVL1DTJ4P5PNCykUnONj7qiaLzTQWawI-rlJQmT3xYzWlXF5D_DkxjBdOhobyn8tElGIYOTxRIRDa6F0-m3NjjbiTORCG2VnoCk10PenZRlXO-sZDa0_cz5OxGMpdvmnQ9gnm8OvnJ5ZvaLRa35cJjrSWyTdQqEbncCFk3Jn2j3tknbUQyi8Z4584wWU2QfsJm8IuIf1fxvaDp0mLKscgcAMEhuE85gPT3rzVxQqbT2pqwxJMRcv77XT2Rud6Lb0uXSJWwc8PVEQLvKX2vVsNkRfWXNIrrthIenS10L2qay3PfEentlnAvx2eQf9Fz5oVPnoOOh_1p-rQhCbU7gR0ZVatw1bg2Z-ZwuF7J8vpG0fl8skUsp6R9CfHad8b3ofQ7-MhI6bqdZoWVLc8WRpsvB8LKKJd4wiixsP8oYNxcAEtoOAVzpkNdtXZBmGbsIkbEJuEZDI-oCEcIjNb5DEH6o_V53BvHQ_w83eWUOaNuZaT_pQNcTdRvL0xgOqh_d03quV0qUpZOZ2drId9fxozWbQeKhi85A11VC3dL34uBUu9-GgMvNK_AdlOXBCRYghpK-KmkAfmcAIB7ef5Nk5782sfVx6cSBVIa2cHvo6l1CAZAdWQwFLJuPYAZMuBBH7tux9j51tzw53FqS6Nb96UoKVq4MRQHMcfLKOq1KY4nX1kpyw4enTr_5rpFOeKi_j3eOm4TTRHz2-b7VbbF1M79kQlJmmuYtwBfyePgwgWi_oVu_kaGzH6BwnfNZ1vpGasVM552cBV6IXvM6ahALtOS1j3APgvWHiMGCBqlSyjBSaNeuxYzvcfjV9qHMs7isNnncNqz9A61AyjtuKRzo-Dml5TaIWsrO7f4Y1BFx8FdrMkrLiCe2KdTpXu__DZChKMvbTRwYYra-ll1tbd7R1sE4vk21gvMAbF7yUniWyROJqHEoEEFLaKCse0zJVumyHb4aduHQ-iAJNMfrOxclW_bNh398RbbBIYu9S5ns30-2XkxAj3Vp7ZG8QObpg-gy0Vcc404GYFs-xORj6aqhhkrC0_6szh0PMcswvfVd0aOpEFKgsDXn6pCMlyYRZiLX_0cZFc-KPqjF-jSbSYA07lGFP30Pyc-0AQscFk3_aCCSOlCkbwKfWpjUzi5kWURAei1IXVfnEp-Y0pGTR01mnCqMLk2a60-cXCx2nZ69y78b1HpfuuK7eb2CKDKx7CtY7scR2tvBaOMj2EdtZGEFv00ZyRZxn6L4PpV8fLx9TstHWVy3qwsGpPQELFnhor31aACwxlzawKjK0skmQcEY4KmPsqHqyuFb_-oHjKliMo44zoJx_C_yW6T75A2ilFN4D9J0-jq4yFKb54Tp5scJSLdo0JW2W5l4g4quc5BkPNj3dGFWWWL3_iJo3UFhNUHfsMC4HtyJAi42hfgRgQYMH9AuZiSxWxlGrT9KWMY1FaBdjWrhCBE9njZ9PFbjVP-NpantshS3mslMWOxmnCfVsVYUDSXZfT0jvC5y2uXoIRDNvcYs95AI0UWDHcNvQAduws6YYB-GKMR2Eu0eV-qQFhPKU5PQui5A3xHr-zbkqt-qzHe9flNg-5s_AWSZc-z7y9z7_iJNjLIkf3HjqjqKuCtX5x16vdfl-66WdU2_8xPvG3jZlRgi_BSnh0x_6VTl5N2wggpA98WnHEF9c247pYfURQP_CnoXkEb-nGiyuxs5ggixXzbLQ60BEb8-eZzGrhyvGU_wyGDsyaqmD016VBan6CWndfFVoLQfkBoQczhbEBYs2cSeRkSV9j3cvUsWbdNMPfnt3UBySX3RqvbjhQ-sVHo3QKhdjDK0MWXmR-StDU30uUymB5_QbeUl5PbTlU1lg94YhwBNTFouxyaJ8X2uu1axovvgK92NGx0JG4ViNonyzIzXwoJMlnnymmPKaiTLZCnwkTIias3AFjp7cs7TAi6bX4PGuGCkYYRVQ_Y4qsog9Jb4pK1HbGAzFSaVD3Lwpn_4f_6qQJYsWLj5gzyIIuWS4KnxMOw1wOFwhFI6skN3uzqNPLA1zX7imZ70uVmvK4MCY7HwqQGHiL5mMQ2S8xu9kcdZhYg1lRGN65VyU4RNWzHS8PKA21UCtISQ7Uockcb2xOQpUhB5B0CwpNYSCGD9mTjMj7sPG_5zNtlx5Q5jdTjnMi01EYj_O2cMq8kfyO2vFvS3Mm9OJs_T8DOPbkJTR5te8MQxpCcsOlRthExj7LLpOBcMRXP135pHWox7rmHjd71RWXnmyoKFmCxUBaM9LNeClM88JsT-QNEgR7uv90wOezQu-w-gdt4c6V2S6FI2fo8vUM0Bs0jd8TvXdBqLjbMwXxkVFHF6LftXYCVf98lyQh2FUcD0qYFzksT7P2T7VSn2_XSUA0jjMAddCwi0HtQWLK3XI6H-DkNzGaz4riowhqYzSLeyrn5rp0tmQmE6C95clygmV3Pd5zdka0_gCv9K95N9k71fnINubAhU01Sw_8C_z5YV92AC14VhbINCn7a3A7Go6IASPIAoqjFHLDu_5eoieuqYEyiSOWXraugKiPupVXJ0f3WAVP0v9fXm1qi6b5tzsIaadjuiJ89mDbmEzc2eboo07VgjKPBfFTwk0nKvB34gKUM0aYVWCIiHq0VtsCK6q9SuSyIqLWjpLDEtcIDRu9qxSOsUBZ5WTkGKHhMyD3BbEpk0kK74jFCRueCaQLsGmfGsGg3GbnLHMxDOcaaN8XamUDMly9v5niFnrF0cEi5E1PuOrxAjE6bX-yTFs0meFV4DxKZIlMcJhn7VurAtxDAhJ24T_oLVWfgipJrPC0J3p6i6fG21qf9hW4y3cbXChT5oF5pjmIrURGGf69Odbn7tlDIEAINU4S9jEfXHyivwENRnc2LOh0EwEU1aiuwh11X73AGviXxsTvGT3Z8Ws5-cUOB2X4XJUuIlVziSyuDUGd8Zq9xhcnFiwxEeA4CR79eDyzdQPmL9W-1O1nonzjLFgr0dBiLmZe6NySh3ysA5D7pn2vDkGPk0BiCRtOKTbwjDo8_gKWvabnr0V3W155Tt7lcWFRyGZ-qPSGu5l4uw52Jwb_r3FyOI14w5XEXaPz4P8MMQ9HAcEpgriBjIjSkdpCZsr8yemTwUpS6hJ0T9rLqfEFl-8dl6RFAoMyLpKqKaRm4BM0ichiGUcl4dRGSf8i7gbIiJ7WY3xj395RMnoeS6Y10syCE6p_YWRo57lxGfxUWSTE0OlmPE8V5zy33DcTEBJHA-Cd9oBtsxwFg4aKwgAEifkaOUl5QKb3tWP4exloTJDsnWbHVKQV0xOTxbhyFgflgc738nowCJgAQ
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 4D1A 80 KB
21 KB 212ms
66ms Script
application/javascript 2600:9000:21f3:bc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 7493216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: 7oQaofGZ2kJjO1R92_Sm63Odwl3KpljRD-28dSXHqAsqBtcq0mUiLA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 04A7 43 B
215 B 615ms
195ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=6d6723ed-3165-6f92-dac2-30f92b069144&tv=%7Bc:kWzgyd,pingTime:-3,time:48,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 04A7 43 B
215 B 613ms
196ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=6d6723ed-3165-6f92-dac2-30f92b069144&tv=%7Bc:kWzgyf,pingTime:-6,time:50,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.gismeteo.ua*&br=c
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 04A7 43 B
216 B 611ms
195ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=6d6723ed-3165-6f92-dac2-30f92b069144&tv=%7Bc:kWzgyi,pingTime:-2,time:53,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:481,beZ:483,mfA:484,cmA:485,inA:486,inZ:489,prA:490,prZ:496,si:502,poA:503,poZ:523,cmZ:523,mfZ:523,loA:531,loZ:533,ltA:534,ltZ:534%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:31,readyFired:false%7D&br=c
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 771C 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 552924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 073D 0
17 B 105ms
104ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb0DH92L0YuyyGuPQzAaAh4GYCfb6kLtry_jMwNEP18eivcABEAEgt-WEIWCVAqAB6tyA0QLIAQKpAv_b8F4rxKc-qAMByAPJBKoEzwFP0DCbunUmi2f3kLaLSkw4L7fUu6fx_IDmkAc2fiKM1lXJdQtUH-_aZAr-qmMidr2LuIgoStPEU_myaEF1qVLCW4zfYarV525JWZ5CYSIo_7uHgnq_KzeITlVsOPyYUbjDBSrfkNX1T6Ra6t-o0vwvc139ttX_rnJtFB7uyxguc7ikmGMd6Ekq8pTAHstZsO-wI8Jo3zG2b8V5pPccd6j3sbB5YCYDm4NNu69-Wf89nKm1QOJ1FU0WDcBp9lYwrCCMucA09MZ3XyEwtVRxNYDABPPC-J7UA5IFBAgEGAGSBQQIBRgEoAYCgAf-ov-uAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggRCIDhgBAQARgAMgKqAjoCgEDyCA1iaWRkZXItNjU3ODY1gAoEyAsB2BMN0BUBmBYBgBcBshcICgYIABIAGAA&sigh=aVOBM1eOpT8&uach_m=[UACH]&pr=13:YvRi9wAAAAAVmck2pahUnWFzULBJOPxk0ASiyQ&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=679892651&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://www.gismeteo.ua/ua/&sub_client=bidder-657865&hl=en&aceid=MPlVNAFFWzQBkWA0AflwNAEQdTQBqHU0AcB1NAENeDQBm3g0AfR6NAGcezQBvHs0Ael7NAHsezQBB3w0ARx8NAErfDQBLXw0AS58NAE-fDQBRXw0AVF8NAFSfDQBWXw0AVt8NAFefDQBX3w0AWF8NAFufDQBenw0AX18NAGBfDQBgnw0AYV8NAGPfDQBnnw0Aa98NAG0fDQBt3w0AeprQQFLc0EBU3NBATnIXAInQqoCKEKqAvB2qgLnd6oCgJuqAoGbqgKCm6oCXqCqAqKoqgK4sKoCJrOqAre9qgJ_zaoC3duqAlXeqgLF46oCoOWqAqnoqgJd6aoCFuqqAg_xqgJx8aoCOfKqAnTyqgLz9aoCQ_iqAiX7qgJC-6oCbf-qAuwAqwKkAasCgQOrAvYFqwIkBqsCcwarAv0JqwJJDKsCTQyrArsMqwLTEKsC_hCrAsUTqwKNFasCaRarAh4XqwIuF6sCoBqrAhUbqwJDG6sCfRyrAvYcqwIGHasCHR2rAuseqwICH6sChh-rAqIfqwKvH6sCyh-rAkcgqwKgIKsCwiCrAkYhqwJ4IasCnyGrAr0hqwLhIasCQiOrAqEkqwLWJKsCQyarAnsnqwLMJ6sC4rPFBfBC3AlEb6YPX5z7EsvZ-xJQ6_sSlPb7EjL7-xLnAPwScQH8Epi5UROCLkIU-FZrGg&awbid_c=AKAmf-DKPpBa3eo59DO_EvUUyOu0UNeYy63N87nI9KIvc8ncbRw1MoJm4kGt455KxRiTCepmZnthOBRqKsaXEvUsT6wYccZ2UbG9m92J6XQ1aH82V-Qsgzdd_XGZhcGpilUOlcv7UVDoMn0ptBjD1MOFUJhEOh-9PxUbt0RIoPWVF3pLTdcOjrg&awbid_d=AKAmf-DW1OXVplqOrARtD98uhtSSJvDELHhVKSe1S65S1lz3yj7btJ8ok_rR55l2m2z7ETGoGMhU52E9OoXcgJH_iKYCdfAD0gis4MSVTT-PrGsnzipr5EMarn9Vrd92u7ATLFyrXIB57zMspg6goL8Z9ifeRqNi2dBUOhwTujkB8senIUnvwz_sFlPZg1E11gdEE_u5rB4FIRVaH5zbjh5WoF7WrA7A3ANLf-P9KlAukaedQ0yYRZXBsmHscOfm4ydj_5XWNQi1JpznktSL11Th7uo5ZV7asWTPcW1ELBnsxMNxYU2IGZra5Aryc_MzVcbAhcu4hSlhMUZ006y32kPL2Q8na8UdxNE1193hwuFWRI-aq0miF3ktE3dLpt1vEIEckiLAAcwRZANAB-KaGZDZh1Hzb7EG2Mpi0QR5HQC8XaRqFUQdhtC8yk0OPn9fIdHoZpA4mwLlHcb9oAQy64iA0tGdIbm4wPHZPDl6nnQao_y-rDYAqsjtZFE2ubT9Ka04SiKCoWUImSYn-CwkAnnG1dpJPpHy72KLdaEcND-1uWV0nXPGAYAWuA24YTmH_8AHtguN02KUujZ0r3Jc0YaTcG0auWcN6YQWWaoMvphlvEl4ac8N-2e190WXMamwsXuSzMN-Eh0rIw63uB8XAcLt8CGVfOtWgXRstbaoRGTmuRSl1W7CZ_6EhjfKb8HDv8RBmSgrrmPv&cid=CAASBORo0Yg&exk=2121067367&rfl=https%3A%2F%2Fwww.gismeteo.ua%2F&a_pr=13:YvRi9wAAAAAVmck2pahUnWFzULBJOPxk0ASiyQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=679892651&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://www.gismeteo.ua/ua/&sub_client=bidder-657865&hl=en&aceid=MPlVNAFFWzQBkWA0AflwNAEQdTQBqHU0AcB1NAENeDQBm3g0AfR6NAGcezQBvHs0Ael7NAHsezQBB3w0ARx8NAErfDQBLXw0AS58NAE-fDQBRXw0AVF8NAFSfDQBWXw0AVt8NAFefDQBX3w0AWF8NAFufDQBenw0AX18NAGBfDQBgnw0AYV8NAGPfDQBnnw0Aa98NAG0fDQBt3w0AeprQQFLc0EBU3NBATnIXAInQqoCKEKqAvB2qgLnd6oCgJuqAoGbqgKCm6oCXqCqAqKoqgK4sKoCJrOqAre9qgJ_zaoC3duqAlXeqgLF46oCoOWqAqnoqgJd6aoCFuqqAg_xqgJx8aoCOfKqAnTyqgLz9aoCQ_iqAiX7qgJC-6oCbf-qAuwAqwKkAasCgQOrAvYFqwIkBqsCcwarAv0JqwJJDKsCTQyrArsMqwLTEKsC_hCrAsUTqwKNFasCaRarAh4XqwIuF6sCoBqrAhUbqwJDG6sCfRyrAvYcqwIGHasCHR2rAuseqwICH6sChh-rAqIfqwKvH6sCyh-rAkcgqwKgIKsCwiCrAkYhqwJ4IasCnyGrAr0hqwLhIasCQiOrAqEkqwLWJKsCQyarAnsnqwLMJ6sC4rPFBfBC3AlEb6YPX5z7EsvZ-xJQ6_sSlPb7EjL7-xLnAPwScQH8Epi5UROCLkIU-FZrGg&awbid_c=AKAmf-DKPpBa3eo59DO_EvUUyOu0UNeYy63N87nI9KIvc8ncbRw1MoJm4kGt455KxRiTCepmZnthOBRqKsaXEvUsT6wYccZ2UbG9m92J6XQ1aH82V-Qsgzdd_XGZhcGpilUOlcv7UVDoMn0ptBjD1MOFUJhEOh-9PxUbt0RIoPWVF3pLTdcOjrg&awbid_d=AKAmf-DW1OXVplqOrARtD98uhtSSJvDELHhVKSe1S65S1lz3yj7btJ8ok_rR55l2m2z7ETGoGMhU52E9OoXcgJH_iKYCdfAD0gis4MSVTT-PrGsnzipr5EMarn9Vrd92u7ATLFyrXIB57zMspg6goL8Z9ifeRqNi2dBUOhwTujkB8senIUnvwz_sFlPZg1E11gdEE_u5rB4FIRVaH5zbjh5WoF7WrA7A3ANLf-P9KlAukaedQ0yYRZXBsmHscOfm4ydj_5XWNQi1JpznktSL11Th7uo5ZV7asWTPcW1ELBnsxMNxYU2IGZra5Aryc_MzVcbAhcu4hSlhMUZ006y32kPL2Q8na8UdxNE1193hwuFWRI-aq0miF3ktE3dLpt1vEIEckiLAAcwRZANAB-KaGZDZh1Hzb7EG2Mpi0QR5HQC8XaRqFUQdhtC8yk0OPn9fIdHoZpA4mwLlHcb9oAQy64iA0tGdIbm4wPHZPDl6nnQao_y-rDYAqsjtZFE2ubT9Ka04SiKCoWUImSYn-CwkAnnG1dpJPpHy72KLdaEcND-1uWV0nXPGAYAWuA24YTmH_8AHtguN02KUujZ0r3Jc0YaTcG0auWcN6YQWWaoMvphlvEl4ac8N-2e190WXMamwsXuSzMN-Eh0rIw63uB8XAcLt8CGVfOtWgXRstbaoRGTmuRSl1W7CZ_6EhjfKb8HDv8RBmSgrrmPv&cid=CAASBORo0Yg&exk=2121067367&rfl=https%3A%2F%2Fwww.gismeteo.ua%2F&a_pr=13:YvRi9wAAAAAVmck2pahUnWFzULBJOPxk0ASiyQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 02:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 16921816373219035148
tpc.googlesyndication.com/simgad/ Frame 073D 20 KB
20 KB 54ms
54ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16921816373219035148?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlm0uLE_FcoJfpY6dgv4PalqnODkw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e75f4b5d21ed0fd665253c3e284b33eba4dbc3fc7ad89bfe484f73d9f2b0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:57:23 GMT
x-content-type-options: nosniff
age: 151446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20769
x-xss-protection: 0
last-modified: Sat, 02 Apr 2022 04:08:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 07:57:23 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 073D 30 KB
12 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 23:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
server: cafe
etag: 9647346768486398696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 23:42:16 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 073D 3 KB
1 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:17:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 073D 140 KB
43 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:01:29 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 073D 26 KB
10 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99bb23e517678ec44a603b7f053a410e97e715649dd196400a5c444a3fdae6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10272
x-xss-protection: 0
server: cafe
etag: 176313366917465162
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:26:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 073D 0
0 177ms
61ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTZUBnelApUuBzhn7KXsMQZn9VPZZ86EhZTxoOADeX62zD0fLgZoPMzNEW8rTsQu8E-JB-zkwjvxe0x1OD2p3Pp--elQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=679892651&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://www.gismeteo.ua/ua/&sub_client=bidder-657865&hl=en&aceid=MPlVNAFFWzQBkWA0AflwNAEQdTQBqHU0AcB1NAENeDQBm3g0AfR6NAGcezQBvHs0Ael7NAHsezQBB3w0ARx8NAErfDQBLXw0AS58NAE-fDQBRXw0AVF8NAFSfDQBWXw0AVt8NAFefDQBX3w0AWF8NAFufDQBenw0AX18NAGBfDQBgnw0AYV8NAGPfDQBnnw0Aa98NAG0fDQBt3w0AeprQQFLc0EBU3NBATnIXAInQqoCKEKqAvB2qgLnd6oCgJuqAoGbqgKCm6oCXqCqAqKoqgK4sKoCJrOqAre9qgJ_zaoC3duqAlXeqgLF46oCoOWqAqnoqgJd6aoCFuqqAg_xqgJx8aoCOfKqAnTyqgLz9aoCQ_iqAiX7qgJC-6oCbf-qAuwAqwKkAasCgQOrAvYFqwIkBqsCcwarAv0JqwJJDKsCTQyrArsMqwLTEKsC_hCrAsUTqwKNFasCaRarAh4XqwIuF6sCoBqrAhUbqwJDG6sCfRyrAvYcqwIGHasCHR2rAuseqwICH6sChh-rAqIfqwKvH6sCyh-rAkcgqwKgIKsCwiCrAkYhqwJ4IasCnyGrAr0hqwLhIasCQiOrAqEkqwLWJKsCQyarAnsnqwLMJ6sC4rPFBfBC3AlEb6YPX5z7EsvZ-xJQ6_sSlPb7EjL7-xLnAPwScQH8Epi5UROCLkIU-FZrGg&awbid_c=AKAmf-DKPpBa3eo59DO_EvUUyOu0UNeYy63N87nI9KIvc8ncbRw1MoJm4kGt455KxRiTCepmZnthOBRqKsaXEvUsT6wYccZ2UbG9m92J6XQ1aH82V-Qsgzdd_XGZhcGpilUOlcv7UVDoMn0ptBjD1MOFUJhEOh-9PxUbt0RIoPWVF3pLTdcOjrg&awbid_d=AKAmf-DW1OXVplqOrARtD98uhtSSJvDELHhVKSe1S65S1lz3yj7btJ8ok_rR55l2m2z7ETGoGMhU52E9OoXcgJH_iKYCdfAD0gis4MSVTT-PrGsnzipr5EMarn9Vrd92u7ATLFyrXIB57zMspg6goL8Z9ifeRqNi2dBUOhwTujkB8senIUnvwz_sFlPZg1E11gdEE_u5rB4FIRVaH5zbjh5WoF7WrA7A3ANLf-P9KlAukaedQ0yYRZXBsmHscOfm4ydj_5XWNQi1JpznktSL11Th7uo5ZV7asWTPcW1ELBnsxMNxYU2IGZra5Aryc_MzVcbAhcu4hSlhMUZ006y32kPL2Q8na8UdxNE1193hwuFWRI-aq0miF3ktE3dLpt1vEIEckiLAAcwRZANAB-KaGZDZh1Hzb7EG2Mpi0QR5HQC8XaRqFUQdhtC8yk0OPn9fIdHoZpA4mwLlHcb9oAQy64iA0tGdIbm4wPHZPDl6nnQao_y-rDYAqsjtZFE2ubT9Ka04SiKCoWUImSYn-CwkAnnG1dpJPpHy72KLdaEcND-1uWV0nXPGAYAWuA24YTmH_8AHtguN02KUujZ0r3Jc0YaTcG0auWcN6YQWWaoMvphlvEl4ac8N-2e190WXMamwsXuSzMN-Eh0rIw63uB8XAcLt8CGVfOtWgXRstbaoRGTmuRSl1W7CZ_6EhjfKb8HDv8RBmSgrrmPv&cid=CAASBORo0Yg&exk=2121067367&rfl=https%3A%2F%2Fwww.gismeteo.ua%2F&a_pr=13:YvRi9wAAAAAVmck2pahUnWFzULBJOPxk0ASiyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 073D 43 KB
16 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/one_click_handler_one_afma.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f977a7908fb59e01a08ef399167efa0a90f29bf9961379a4ffa1f567871b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16474
x-xss-protection: 0
server: cafe
etag: 10982985880585010885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 22:18:23 GMT

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 220ms
54ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?oz_pl=1&ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&_x=1
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/974276/analytics.js?ac=1859364&ap=&bt=programmatic&cb=6681043333196374366&cr=8409792&de=2&di=www.gismeteo.ua&dm=300x250&gt=DE&md=1&pc=39785&pi=8409792&pp=186102&pv=33fe19e2-7714-4723-bc15-f63fd3761319&si=657865&sr=indexexchange.com&ti=3&to=3&ui=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.indexww.com/2/2.66.1/ Frame 2806 161 KB
51 KB 56ms
56ms Script
text/javascript 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.indexww.com/2/2.66.1/main.js

Requested by

Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/974276/analytics.js?ac=1859364&ap=&bt=programmatic&cb=6681043333196374366&cr=8409792&de=2&di=www.gismeteo.ua&dm=300x250&gt=DE&md=1&pc=39785&pi=8409792&pp=186102&pv=33fe19e2-7714-4723-bc15-f63fd3761319&si=657865&sr=indexexchange.com&ti=3&to=3&ui=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-93-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

41c7f77cb564e20029d53084a16a3f1ba3da49f2d2c08c610584a5020dc9aaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 02:01:29 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 51462
Expires: Sat, 18 Apr 2054 18:57:22 GMT

GET
H3 200 7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js Show response
pagead2.googlesyndication.com/bg/ Frame 771C 36 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14169
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:08:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A7E8 143 B
163 B 54ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=679892651&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://www.gismeteo.ua/ua/&sub_client=bidder-657865&hl=en&aceid=MPlVNAFFWzQBkWA0AflwNAEQdTQBqHU0AcB1NAENeDQBm3g0AfR6NAGcezQBvHs0Ael7NAHsezQBB3w0ARx8NAErfDQBLXw0AS58NAE-fDQBRXw0AVF8NAFSfDQBWXw0AVt8NAFefDQBX3w0AWF8NAFufDQBenw0AX18NAGBfDQBgnw0AYV8NAGPfDQBnnw0Aa98NAG0fDQBt3w0AeprQQFLc0EBU3NBATnIXAInQqoCKEKqAvB2qgLnd6oCgJuqAoGbqgKCm6oCXqCqAqKoqgK4sKoCJrOqAre9qgJ_zaoC3duqAlXeqgLF46oCoOWqAqnoqgJd6aoCFuqqAg_xqgJx8aoCOfKqAnTyqgLz9aoCQ_iqAiX7qgJC-6oCbf-qAuwAqwKkAasCgQOrAvYFqwIkBqsCcwarAv0JqwJJDKsCTQyrArsMqwLTEKsC_hCrAsUTqwKNFasCaRarAh4XqwIuF6sCoBqrAhUbqwJDG6sCfRyrAvYcqwIGHasCHR2rAuseqwICH6sChh-rAqIfqwKvH6sCyh-rAkcgqwKgIKsCwiCrAkYhqwJ4IasCnyGrAr0hqwLhIasCQiOrAqEkqwLWJKsCQyarAnsnqwLMJ6sC4rPFBfBC3AlEb6YPX5z7EsvZ-xJQ6_sSlPb7EjL7-xLnAPwScQH8Epi5UROCLkIU-FZrGg&awbid_c=AKAmf-DKPpBa3eo59DO_EvUUyOu0UNeYy63N87nI9KIvc8ncbRw1MoJm4kGt455KxRiTCepmZnthOBRqKsaXEvUsT6wYccZ2UbG9m92J6XQ1aH82V-Qsgzdd_XGZhcGpilUOlcv7UVDoMn0ptBjD1MOFUJhEOh-9PxUbt0RIoPWVF3pLTdcOjrg&awbid_d=AKAmf-DW1OXVplqOrARtD98uhtSSJvDELHhVKSe1S65S1lz3yj7btJ8ok_rR55l2m2z7ETGoGMhU52E9OoXcgJH_iKYCdfAD0gis4MSVTT-PrGsnzipr5EMarn9Vrd92u7ATLFyrXIB57zMspg6goL8Z9ifeRqNi2dBUOhwTujkB8senIUnvwz_sFlPZg1E11gdEE_u5rB4FIRVaH5zbjh5WoF7WrA7A3ANLf-P9KlAukaedQ0yYRZXBsmHscOfm4ydj_5XWNQi1JpznktSL11Th7uo5ZV7asWTPcW1ELBnsxMNxYU2IGZra5Aryc_MzVcbAhcu4hSlhMUZ006y32kPL2Q8na8UdxNE1193hwuFWRI-aq0miF3ktE3dLpt1vEIEckiLAAcwRZANAB-KaGZDZh1Hzb7EG2Mpi0QR5HQC8XaRqFUQdhtC8yk0OPn9fIdHoZpA4mwLlHcb9oAQy64iA0tGdIbm4wPHZPDl6nnQao_y-rDYAqsjtZFE2ubT9Ka04SiKCoWUImSYn-CwkAnnG1dpJPpHy72KLdaEcND-1uWV0nXPGAYAWuA24YTmH_8AHtguN02KUujZ0r3Jc0YaTcG0auWcN6YQWWaoMvphlvEl4ac8N-2e190WXMamwsXuSzMN-Eh0rIw63uB8XAcLt8CGVfOtWgXRstbaoRGTmuRSl1W7CZ_6EhjfKb8HDv8RBmSgrrmPv&cid=CAASBORo0Yg&exk=2121067367&rfl=https%3A%2F%2Fwww.gismeteo.ua%2F&a_pr=13:YvRi9wAAAAAVmck2pahUnWFzULBJOPxk0ASiyQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 01:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0FE3 247 B
962 B 192ms
62ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3ee92a43fad0826c4166fd9845f312fd40918041fadd3fd6b6939f9a95a43d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-jShsypOs04_eDMzIubMT5Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 073D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c09f6f272247e80f6d4e24539097da7c11af9b389dc22d29712ef4c332ba1f37

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A7E8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

82ms
81ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:01:29 GMT
expires: Thu, 11 Aug 2022 02:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:01:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 65ms
54ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?oz_pl=1&ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&_x=1
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/974276/analytics.js?ac=1859364&ap=&bt=programmatic&cb=6681043333196374366&cr=8409792&de=2&di=www.gismeteo.ua&dm=300x250&gt=DE&md=1&pc=39785&pi=8409792&pp=186102&pv=33fe19e2-7714-4723-bc15-f63fd3761319&si=657865&sr=indexexchange.com&ti=3&to=3&ui=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 04A7 170 KB
59 KB 197ms
54ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
Origin: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 11:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 11:11:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 04A7 8 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4LfZUef3UbDw4VGrDog8HWFOUOOFueFv3csBd0Ksm7YW75MN66Sp4iBN1PX-XQbhvrdsHsx-XE5_o9POcmzukwsahe1tDPbGQ5xSZCbhSohHRV8DXOMTgGwm2lsxJYsMKBzaYxvedDdfR_7NbEKTqjCI_w7iEqkVAKAmf-DQUZp1M6LbqRSk7IRcxb1Z69gY8FZhh_cWSUa2bTI7YO0RBUG4IFaI_cC6d7_OtrWQw_axSyDjAyGzAU0o2wtKmtfGGml8mEYzOt-hwbz6ZEwW7O4qFsHi7i1hxqVl6_2n41ihdsH565yKTSQE2WxnyN2_F9er3-NLF5rtJB_Tsq251ZdPGlWxoSot03JdVYlVCY7ErUn5vxgcxjKj0GmZiQaupt8mRQNdZIMKqixcv2R3xFIZbZjZiZ_SZuQWvDRyCsNHQaQzkjI-g1pdec70VTgiwSwUCIRwkBVt7hFbN0zDCu7zoAVuQvg5BAodYfLqkMzN8yZ8xoCtjM87OrZeVuuOwxL9IoOsl6x2ZH5A5EAI1qG56orVNVL1DTJ4P5PNCykUnONj7qiaLzTQWawI-rlJQmT3xYzWlXF5D_DkxjBdOhobyn8tElGIYOTxRIRDa6F0-m3NjjbiTORCG2VnoCk10PenZRlXO-sZDa0_cz5OxGMpdvmnQ9gnm8OvnJ5ZvaLRa35cJjrSWyTdQqEbncCFk3Jn2j3tknbUQyi8Z4584wWU2QfsJm8IuIf1fxvaDp0mLKscgcAMEhuE85gPT3rzVxQqbT2pqwxJMRcv77XT2Rud6Lb0uXSJWwc8PVEQLvKX2vVsNkRfWXNIrrthIenS10L2qay3PfEentlnAvx2eQf9Fz5oVPnoOOh_1p-rQhCbU7gR0ZVatw1bg2Z-ZwuF7J8vpG0fl8skUsp6R9CfHad8b3ofQ7-MhI6bqdZoWVLc8WRpsvB8LKKJd4wiixsP8oYNxcAEtoOAVzpkNdtXZBmGbsIkbEJuEZDI-oCEcIjNb5DEH6o_V53BvHQ_w83eWUOaNuZaT_pQNcTdRvL0xgOqh_d03quV0qUpZOZ2drId9fxozWbQeKhi85A11VC3dL34uBUu9-GgMvNK_AdlOXBCRYghpK-KmkAfmcAIB7ef5Nk5782sfVx6cSBVIa2cHvo6l1CAZAdWQwFLJuPYAZMuBBH7tux9j51tzw53FqS6Nb96UoKVq4MRQHMcfLKOq1KY4nX1kpyw4enTr_5rpFOeKi_j3eOm4TTRHz2-b7VbbF1M79kQlJmmuYtwBfyePgwgWi_oVu_kaGzH6BwnfNZ1vpGasVM552cBV6IXvM6ahALtOS1j3APgvWHiMGCBqlSyjBSaNeuxYzvcfjV9qHMs7isNnncNqz9A61AyjtuKRzo-Dml5TaIWsrO7f4Y1BFx8FdrMkrLiCe2KdTpXu__DZChKMvbTRwYYra-ll1tbd7R1sE4vk21gvMAbF7yUniWyROJqHEoEEFLaKCse0zJVumyHb4aduHQ-iAJNMfrOxclW_bNh398RbbBIYu9S5ns30-2XkxAj3Vp7ZG8QObpg-gy0Vcc404GYFs-xORj6aqhhkrC0_6szh0PMcswvfVd0aOpEFKgsDXn6pCMlyYRZiLX_0cZFc-KPqjF-jSbSYA07lGFP30Pyc-0AQscFk3_aCCSOlCkbwKfWpjUzi5kWURAei1IXVfnEp-Y0pGTR01mnCqMLk2a60-cXCx2nZ69y78b1HpfuuK7eb2CKDKx7CtY7scR2tvBaOMj2EdtZGEFv00ZyRZxn6L4PpV8fLx9TstHWVy3qwsGpPQELFnhor31aACwxlzawKjK0skmQcEY4KmPsqHqyuFb_-oHjKliMo44zoJx_C_yW6T75A2ilFN4D9J0-jq4yFKb54Tp5scJSLdo0JW2W5l4g4quc5BkPNj3dGFWWWL3_iJo3UFhNUHfsMC4HtyJAi42hfgRgQYMH9AuZiSxWxlGrT9KWMY1FaBdjWrhCBE9njZ9PFbjVP-NpantshS3mslMWOxmnCfVsVYUDSXZfT0jvC5y2uXoIRDNvcYs95AI0UWDHcNvQAduws6YYB-GKMR2Eu0eV-qQFhPKU5PQui5A3xHr-zbkqt-qzHe9flNg-5s_AWSZc-z7y9z7_iJNjLIkf3HjqjqKuCtX5x16vdfl-66WdU2_8xPvG3jZlRgi_BSnh0x_6VTl5N2wggpA98WnHEF9c247pYfURQP_CnoXkEb-nGiyuxs5ggixXzbLQ60BEb8-eZzGrhyvGU_wyGDsyaqmD016VBan6CWndfFVoLQfkBoQczhbEBYs2cSeRkSV9j3cvUsWbdNMPfnt3UBySX3RqvbjhQ-sVHo3QKhdjDK0MWXmR-StDU30uUymB5_QbeUl5PbTlU1lg94YhwBNTFouxyaJ8X2uu1axovvgK92NGx0JG4ViNonyzIzXwoJMlnnymmPKaiTLZCnwkTIias3AFjp7cs7TAi6bX4PGuGCkYYRVQ_Y4qsog9Jb4pK1HbGAzFSaVD3Lwpn_4f_6qQJYsWLj5gzyIIuWS4KnxMOw1wOFwhFI6skN3uzqNPLA1zX7imZ70uVmvK4MCY7HwqQGHiL5mMQ2S8xu9kcdZhYg1lRGN65VyU4RNWzHS8PKA21UCtISQ7Uockcb2xOQpUhB5B0CwpNYSCGD9mTjMj7sPG_5zNtlx5Q5jdTjnMi01EYj_O2cMq8kfyO2vFvS3Mm9OJs_T8DOPbkJTR5te8MQxpCcsOlRthExj7LLpOBcMRXP135pHWox7rmHjd71RWXnmyoKFmCxUBaM9LNeClM88JsT-QNEgR7uv90wOezQu-w-gdt4c6V2S6FI2fo8vUM0Bs0jd8TvXdBqLjbMwXxkVFHF6LftXYCVf98lyQh2FUcD0qYFzksT7P2T7VSn2_XSUA0jjMAddCwi0HtQWLK3XI6H-DkNzGaz4riowhqYzSLeyrn5rp0tmQmE6C95clygmV3Pd5zdka0_gCv9K95N9k71fnINubAhU01Sw_8C_z5YV92AC14VhbINCn7a3A7Go6IASPIAoqjFHLDu_5eoieuqYEyiSOWXraugKiPupVXJ0f3WAVP0v9fXm1qi6b5tzsIaadjuiJ89mDbmEzc2eboo07VgjKPBfFTwk0nKvB34gKUM0aYVWCIiHq0VtsCK6q9SuSyIqLWjpLDEtcIDRu9qxSOsUBZ5WTkGKHhMyD3BbEpk0kK74jFCRueCaQLsGmfGsGg3GbnLHMxDOcaaN8XamUDMly9v5niFnrF0cEi5E1PuOrxAjE6bX-yTFs0meFV4DxKZIlMcJhn7VurAtxDAhJ24T_oLVWfgipJrPC0J3p6i6fG21qf9hW4y3cbXChT5oF5pjmIrURGGf69Odbn7tlDIEAINU4S9jEfXHyivwENRnc2LOh0EwEU1aiuwh11X73AGviXxsTvGT3Z8Ws5-cUOB2X4XJUuIlVziSyuDUGd8Zq9xhcnFiwxEeA4CR79eDyzdQPmL9W-1O1nonzjLFgr0dBiLmZe6NySh3ysA5D7pn2vDkGPk0BiCRtOKTbwjDo8_gKWvabnr0V3W155Tt7lcWFRyGZ-qPSGu5l4uw52Jwb_r3FyOI14w5XEXaPz4P8MMQ9HAcEpgriBjIjSkdpCZsr8yemTwUpS6hJ0T9rLqfEFl-8dl6RFAoMyLpKqKaRm4BM0ichiGUcl4dRGSf8i7gbIiJ7WY3xj395RMnoeS6Y10syCE6p_YWRo57lxGfxUWSTE0OlmPE8V5zy33DcTEBJHA-Cd9oBtsxwFg4aKwgAEifkaOUl5QKb3tWP4exloTJDsnWbHVKQV0xOTxbhyFgflgc738nowCJgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-0511822087518170&ias_chanId=1&ias_placementId=17668708710&bidurl=https://www.gismeteo.ua/ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ixX_j6L01_btP_fHWAn1Ow&adsafe_url=https%3A%2F%2Fwww.gismeteo.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6d6723ed-3165-6f92-dac2-30f92b069144,c:kWzgxL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8674f54cf9-qdcbj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:audiit1,mtim:3,mot:0,app:0,maw:0,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:838ee41c-1919-11ed-9dfe-16f2308c05b6,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:48:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 04A7 30 KB
12 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
server: cafe
etag: 9647346768486398696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:24:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 771C 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaDwu-WL0YuGZAsfk7gO80bQwAAAAADgB4AQC&bg=!aWqlai7NAAZGjrx1Zo47ACkAdvg8Wpd91y-biRUjLD6qwcomY1hs7LrQFi7hD5KXim21Rp3BNmc-_wIAAABcUgAAAAJoAQeZAvGNOY7PZdNNsf-z6cLvudCH329uuBaFmgtJPWvsRmVh0RJ4YiOj3QNbnnBkVLrbHxajvbgjSpyR_rjcPzsIafA7U5JAiCRrXwqxs2owTWBKSZwD2zSoPPFOofbUMTUhYpkvmuGQJXN3DLbBDOqEVf198ojTDkL9XvvngB9H9W-gdOj7RM0gVtSyCsyxk3oFp6ucmpC37GqxLZqgZRlmWFboFrJ75TmVEsSjUTKLjI5o2lHu7H6854EGNG2keVTFbNhFhDsD2ExNJ692cH2c1Bxn3QBENpwk97vXRCpFzf2S00LnnBnoRoiCVmCVBOpAoOp5RvyHjPylXXlmF8KCvDjNQnfuZCNRqzRlU8Ro6nG19I8Q3FqGjXpFz5ZdULyNIyt3TRKzlgx7u27O1A4mQRE2TBI1lUWD41yHdd3Eva99dFnR5B7YX_S7d2lcOQrygCqgzO_gdTNokzxYcjZpX_NMFV8VNodxjNYX-20rnaSOwmIqX6zRDxusXMhPksmVvhdWCoJYGU7oFagP3WN_tTxadLGXKGval7ey2wjtCKVqKOqvS6LJjY2-X-osedTlfEyhGMw2pZUV-jNm4_w5ZQERN1TNrECAD6-2OTI-iQpX2U1NMYxKKjZUrUPnqDBo4gnLyU7PAQdzziygsUpbTTK9HT6dcHRa-eKbO90wd4SHMIe1k5mbB5sVoM8FfGHe4ApUJkI0x2zKWk4O3ufViAqJHuC2JOiWhdHQnfgQi8TJz91zpImp_l126apk0S4U76ycvAK8PinJpLPY4dQjw1tny4Bi-5CmMC7BwRyBsQMvEzAfqYWnLhvWWhod6T3W6m-EsULGsYfSCIHPRpYmsQQyRwkJ1TtmYu9xkzKKisHV7Q5bDSYGVIeqHfNIEcrY0OgX2BsPaAho0C_gWRNOalovUrktZRQ-KodPIFM_IrHOt5BYjORO8qwpIcemtgMnw1WMwRl6B32C1_7A1_TnTNu1c8ew1r83O64t1JxrhwDEfX8

Requested by

Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 102ms
54ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&sid=AXFJfWUKEPJ3_ZZv&oz_sc=bb47c609c8bdd02984c72a66&oz_df=1660183289578&oz_l=214&cv=3
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 iframe.html Show response
p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0FE3 4 KB
2 KB 171ms
62ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

edb993525a345c1dff73ef8a1709f2f3cd74760f1f9327fc19f067450a8bb348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1863
content-security-policy-report-only: script-src 'nonce-8gIVBMQD0DXFXhP5kiwjsA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 04A7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6207c8cced34c96e2cde34a3dbc7d9e55cfd41f34e1daa1fe2e8b40b37fb52d4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 8eea804c-2e52-4ee5-9d84-34e9a61c4833
https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/ Frame 5E4F 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/8eea804c-2e52-4ee5-9d84-34e9a61c4833
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 04A7 43 B
215 B 195ms
195ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=6d6723ed-3165-6f92-dac2-30f92b069144&tv=%7Bc:kWzgGG,pingTime:-10,time:573,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660183289758%7C%7C45d163558c1ce28224614db9cff5ebd0%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C4088ea40d59d9022d1c9e06ac81706c6%7C%7C961e85ef1ea29184a053f0ef98da71ca%7C%7C34431c1185b28cbe982a7834acaf860d%7C%7C1c2dc10cd260047a00ac1091dcf99c29%7C%7C6c89945746b9001aad6b3baba97ef99f%7C%7C1629390669,im:%7Bpci:%7Btdr:506%7D%7D%7D
Requested by: Host: 9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
URL: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:29 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B46 0
0 200ms
90ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz1VJrlL5Vk0p-WkRW34kRu8jQPl0-fQfMMxYWidmA5x0SWs745UBAJhuMwwT_Xt0XFQARM7-j1ZZj8y6rtcTHVwRH-VQmMFq4qvylCXucVhoYwuHfWnke464TxmelHABMrgkYVlMmrCaxz4ZPDizw9SZpNmZQmKFNHGn0U0sISZ1RiIQmjzcy5aLeUqpTYYuHvYJ-MrzF4_BxxJBuTAZXjpyui6FCcpw7fq6Bu2npViJnL-0ukl1rVLPj9wD5OCUo9sxP8bGUYyufb0xDdwJ8x3Wlh-2MKtUXaqJ2phjtfJVsTPEP5FMrMzIfnBeRet2mkVG_roEOG8hDqUtyoRtQug-i&sai=AMfl-YRRf7QT9s6CTxQBHX4AMhKYXl5DSR1IO6mmmE37Fd6LtmHiI3hWd_mERHIlk-x74EQB-TrcWAudm27G0dRkCMHjvYmJqF8XWX7q0aqF4JH2lI0j3E6kZg4-GkdSyYm9tA&sig=Cg0ArKJSzKe7PbOv18JSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 02:01:29 GMT

GET
H3 200 7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C92 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14169
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:08:52 GMT

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 55ms
55ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&sid=AXFJfWUKEPJ3_ZZv&oz_sc=bb47c609c8bdd02984c72a66&oz_df=1660183289827&oz_l=4728&cv=3
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8194289394266406912/ Frame 9E04 3 KB
1005 B 173ms
64ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b4446b088b671a0551c227061dc3556c5919661d0b217a1f90c0ac5ec03fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 977
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:30 GMT
expires: Fri, 11 Aug 2023 02:01:30 GMT
last-modified: Tue, 30 Nov 2021 23:17:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 04A7 0
575 B 220ms
91ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvx77-PiYwPO2YaU2EKrNtx1uQ1-jzMiTS3mWgXDDJu3mTxzAyBzWo1iz7ieA-05kt5CnmWE24gDWFOogs6qG74vXyAGwY8Ojp2pQdkHr0qA3HKyNxKIgS0P1HllPd0TMRff-LDaMMOU5ocA&sai=AMfl-YTtcWqaL5bnGE3Kg0i97l9nJe_5ZM5FbWWqQROiidlbAIZS6REUdzhB2-jcbRTet1WEoE-ReGpi0mBzPStRFtZ4g6y1CSsTw5ygPTL2kwEElQyRYoqNvfvUjrKdMuE&sig=Cg0ArKJSzKyJ5nyPgcLZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=335&cbvp=1&cstd=330&cisv=r20220808.42629&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 55ms
55ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&sid=AXFJfWUKEPJ3_ZZv&oz_sc=bb47c609c8bdd02984c72a66&oz_df=1660183289994&oz_l=1670&cv=3
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8194289394266406912/ Frame 9E04 478 B
304 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8194289394266406912/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5625d5bcd517d85dd87fa8cae8d149220802b7c1697bf5f8a9bb551de92cde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 00:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 23:17:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Aug 2023 00:41:13 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9E04 118 KB
40 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 16:26:05 GMT

GET
H3 200 dynamicBuilder.min.js Show response
s0.2mdn.net/creatives/assets/1951882/ Frame 9E04 9 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 17:00:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:15:22 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9E04 60 KB
24 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:01:30 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/8194289394266406912/ Frame 9E04 2 KB
842 B 57ms
56ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8194289394266406912/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b93375608ccdd64e2d47f13e20fe34c7eb801b4658b111d0fa173112340a2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 00:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 813
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 23:17:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Aug 2023 00:41:13 GMT

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 57ms
55ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&sid=AXFJfWUKEPJ3_ZZv&oz_sc=bb47c609c8bdd02984c72a66&oz_df=1660183290146&oz_l=522&cv=3
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9E04 7 KB
5 KB 65ms
64ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

920f9bfafa5d92c5b8c96bafa71681a60d34418e5ddcfbd06de5c23b622284e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5482
x-xss-protection: 0

GET
H3 200 263175629188549255.json Show response
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 19 KB
6 KB 63ms
62ms XHR
application/json 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3543456/263175629188549255.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cba8b10409c5c4fa6052e0395c960a61fb0017dc08fb3e7973d5fb48ef4c7daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6329
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:51:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:16:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 04A7 0
26 B 199ms
90ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvx77-PiYwPO2YaU2EKrNtx1uQ1-jzMiTS3mWgXDDJu3mTxzAyBzWo1iz7ieA-05kt5CnmWE24gDWFOogs6qG74vXyAGwY8Ojp2pQdkHr0qA3HKyNxKIgS0P1HllPd0TMRff-LDaMMOU5ocA&sai=AMfl-YTtcWqaL5bnGE3Kg0i97l9nJe_5ZM5FbWWqQROiidlbAIZS6REUdzhB2-jcbRTet1WEoE-ReGpi0mBzPStRFtZ4g6y1CSsTw5ygPTL2kwEElQyRYoqNvfvUjrKdMuE&sig=Cg0ArKJSzKyJ5nyPgcLZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=650&vt=11&dtpt=315&dett=3&cstd=330&cisv=r20220808.42629&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:01:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
208 B 57ms
57ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:01:30 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
BLOB 200
OK 5ff0cce7-462f-4fea-891c-4b774c82e8a2
https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/ Frame 2806 787 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/5ff0cce7-462f-4fea-891c-4b774c82e8a2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186456f68e798b6aeb8c250949d5568673a796257bfbb9ca6744c2c00d78c324

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 787

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E04 17 KB
6 KB 387ms
387ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:01:30 GMT

GET
H3 200 logo.svg
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 148 KB
41 KB 55ms
55ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41539
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 13:50:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:09:07 GMT

GET
H3 200 b10f5fae283f34a74e232ef229f6330d.jpg
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 60 KB
60 KB 78ms
78ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/b10f5fae283f34a74e232ef229f6330d.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

956cde7966e9c20d669af9e9e052058da4a9afbbfa30392750cea1f04f8628b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:57:36 GMT
x-content-type-options: nosniff
age: 234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61051
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 14:48:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:12:36 GMT

GET
H3 200 6287f3b21ed6f4775c7ce1a88be8c183.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 68 B
94 B 77ms
77ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/6287f3b21ed6f4775c7ce1a88be8c183.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:54:07 GMT
x-content-type-options: nosniff
age: 443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 14:45:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:09:07 GMT

GET
H3 200 NewsGothforPorscheWTT-Reg.woff
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 37 KB
37 KB 67ms
67ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3543456/NewsGothforPorscheWTT-Reg.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:54:07 GMT
x-content-type-options: nosniff
age: 443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38192
x-xss-protection: 0
last-modified: Fri, 08 Nov 2019 14:28:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:09:07 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 9E04 59 KB
22 KB 155ms
50ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: www.gismeteo.ua
URL: https://www.gismeteo.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1838243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwtUhTTcyLULS3AwFAZLPbIilA829AobdJ9ykJyV%2BXOF2ZwkWLT2IVn7XKz0IzONyoc8%2BSF2p6N0umr2FtE9h4PLvX58w%2BNDdL6bXiHqrhqe1H0V7SGa6l8XzEmADzxqpzf%2FRiJXMVg%2FicL3Dro56l4T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 738d623d3fa8405e-LHR
expires: Tue, 01 Aug 2023 02:01:30 GMT

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 57ms
57ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&sid=AXFJfWUKEPJ3_ZZv&oz_sc=bb47c609c8bdd02984c72a66&oz_df=1660183290310&oz_l=677&cv=3
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 63e0334143ce3853f86e47f6c63263a8.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 15 KB
15 KB 142ms
141ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/63e0334143ce3853f86e47f6c63263a8.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16de06fe6fa400a8301610279e26648ca4dcbf8637be36a1440aa18c435c3492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:00:11 GMT
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15357
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:51:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:15:11 GMT

GET
H3 200 e2e76600622ac39b2db6f7e0c9468647.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 16 KB
16 KB 70ms
67ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/e2e76600622ac39b2db6f7e0c9468647.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

991018d7dc531712bf0a3f814e49b878f7dfd7401705ae41242e8e51a63a141a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:00:11 GMT
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16315
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:53:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:15:11 GMT

GET
H3 200 ef1cf8fe61593dd6defcd740eb598631.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 14 KB
14 KB 100ms
97ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/ef1cf8fe61593dd6defcd740eb598631.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16e31d0089e0403b95c078217872abd11e9f930e7a7759aec7a5387fee7a418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:00:11 GMT
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13947
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:53:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:15:11 GMT

GET
H3 200 e3b6a78b9bf15ac3ed44f2d5470f073a.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 14 KB
14 KB 104ms
102ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/e3b6a78b9bf15ac3ed44f2d5470f073a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a6a058823e1941fb9dadac766ca12b03b0dbd6db856adfeb19bab11bfb53cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:00:11 GMT
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13996
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:53:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:15:11 GMT

GET
H3 200 12a037491e737e30df7c46121ccd27c9.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 18 KB
18 KB 88ms
85ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/12a037491e737e30df7c46121ccd27c9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946226d61cf1a4bede27df1560a5db69f5a71c8d4fe238cbe4c6b771cc022f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:00:11 GMT
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18167
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:15:11 GMT

GET
H3 200 7597acb361e1555c15497436f113bc31.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 14 KB
14 KB 96ms
93ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/7597acb361e1555c15497436f113bc31.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002a803dcfb8277a457c082b711c5b421228c403cc814eaf91263619dc254ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:57:07 GMT
x-content-type-options: nosniff
age: 263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13979
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:12:07 GMT

GET
H3 200 31c87b0801df194094291696f4219185.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 16 KB
16 KB 107ms
105ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/31c87b0801df194094291696f4219185.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557811357338530599a2c8e521f644b0d1a0e0fcb0c15d0875a7ffae38b151de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:57:07 GMT
x-content-type-options: nosniff
age: 263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:12:07 GMT

GET
H3 200 27125d2419b34f778ee336c704478350.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 15 KB
15 KB 112ms
110ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/27125d2419b34f778ee336c704478350.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfc0cb7e95a5d1ab3b6370474546916b96392167fbe192a25aaad121e4c19912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:57:07 GMT
x-content-type-options: nosniff
age: 263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15271
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:12:07 GMT

GET
H3 200 d55e04c5ea8494561d43de20f83a1a7e.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9E04 14 KB
14 KB 115ms
113ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/d55e04c5ea8494561d43de20f83a1a7e.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

966b455649872dd789acc786aa043c38a8f8a922926762d2dfc063baa5e6874d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=2de4Z4SFwS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:57:07 GMT
x-content-type-options: nosniff
age: 263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13949
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:06:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 02:12:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 073D 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqyswxNRvEzoMTVPc2TYeJYyyNLkpKxfek738a6q7Jp-wB2Wl0v2mNkY0e50q8lh07EqTMhG9C6FLl7JmsI1kVS5ijbfa7PsG1TkGmEQfcvh76j2Fx0B-i1A1wBJ7RLACHh0KJGd2n_jRo&sig=Cg0ArKJSzIu430CmeNtPEAE&cid=CAASF-RowXUxPPH_HVQMDIwApN96wFMb8LP_&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=679892651&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660183289068&rpt=352&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 55ms
55ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&sid=AXFJfWUKEPJ3_ZZv&oz_sc=bb47c609c8bdd02984c72a66&oz_df=1660183290463&oz_l=4711&cv=3
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/ Frame 2806 0
145 B 55ms
55ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.indexww.com/2/2.66.1/974276/AXFJfWUKEPJ3_ZZv/postback?ap=&cb=6681043333196374366&di=www.gismeteo.ua&pp=186102&ci=974276&dm=300x250&pi=8409792&si=657865&sr=indexexchange.com&ui=&ac=1859364&bt=programmatic&cr=8409792&gt=DE&pv=33fe19e2-7714-4723-bc15-f63fd3761319&ti=3&de=2&md=1&pc=39785&to=3&sid=AXFJfWUKEPJ3_ZZv&oz_sc=bb47c609c8bdd02984c72a66&oz_df=1660183290649&oz_l=398&cv=3
Requested by: Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9FEF 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 31762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 17:12:08 GMT
expires: Thu, 10 Aug 2023 17:12:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 085A 783 B
535 B 64ms
64ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f508248fa4625d737b03bd371afadeb7747f2008425dfcfcd0f01df2d606958d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-283wucjjMnWODcDTIZPrOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-283wucjjMnWODcDTIZPrOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:01:30 GMT
expires: Thu, 11 Aug 2022 02:01:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 04A7 42 B
64 B 91ms
91ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1a-rKJdm46RQc4cWAvX1w-Kl6bnu6yZlJU5rEwWLaFc3qkaPQ3WsgTx2h-fZHDrQ5GmxVTO7ZXhwggfmgrW94bE1xpwSsK_X8g4UpzaDe9d0RgLwHj0a4H1kBfFmDMRBK2JU_rHOmv9wGDQ&sai=AMfl-YTqhDMHwth7fjCgIwuHIKvS1rHTZke42ef78PSu3eB7uHLACXlzRZrMmGIeVC2Tqx6nRmrUbU0zYdUjLW4T9s4L4JmdGlYEyD5n4sgwbjyHgDdlHq2tSAs3b18UdhQ&sig=Cg0ArKJSzEeUSvZTxCHBEAE&cid=CAASJ-Ro5SXlApve1Y_h7GWhMkOydZsdUpBXTE5PFuHIWB-WBzvfyejAIg&id=lidar2&mcvt=1000&p=150,1249,190,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2373899931&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660183288704&rpt=969&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0ED4 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14169
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:08:52 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame B74C 0
91 B 69ms
62ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 11 Aug 2022 02:01:30 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 373C
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=f3f9d49f-f295-4dd3-a4e4-c4f186bc4fd8

0
404 B

860ms
190ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=f3f9d49f-f295-4dd3-a4e4-c4f186bc4fd8
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 11 Aug 2022 02:01:31 GMT
Etag: 6102a2166880e225
Server: Adtelligent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 738d623faf8675d1-LHR
content-length: 0
date: Thu, 11 Aug 2022 02:01:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=f3f9d49f-f295-4dd3-a4e4-c4f186bc4fd8
server: cloudflare

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 0BC8 852 B
1 KB 62ms
61ms Document
text/html 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: cd418834729de298692e48148657b0905bab4ce37cdbbf378c60b0739a923bd4

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 852
content-type: text/html

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 352D 281 B
573 B 189ms
54ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 02:01:30 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A267 52 KB
17 KB 241ms
58ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 11 Aug 2022 02:01:30 GMT
ETag: "623de86a-cf34"
Expires: Fri, 12 Aug 2022 02:01:32 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 03A3 3 KB
2 KB 241ms
53ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 02:01:30 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 507D 38 KB
14 KB 196ms
54ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=21083
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Thu, 11 Aug 2022 02:01:30 GMT
expires: Thu, 11 Aug 2022 07:52:53 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 d
ic.tynt.com/r/ Frame 3CC9 0
0 389ms
127ms Document
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/gismeteoua.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://www.gismeteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Thu, 11 Aug 2022 02:01:31 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
352 B 176ms
62ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 918446vnvgqqbmevqnk4hvmh6kqs2n0t

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 260ms
56ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 249ms
91ms Image
image/gif 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 190ms
57ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 02:01:30 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1660183290874
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808042249

70 B
265 B

174ms
55ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808042249
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
etag: RXf2f5e53e80fe42dbba6aa0a71699cb0b003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808042249
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H3 200 7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FEF 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14169
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:08:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 085A 0
0 87ms
87ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080401&jk=3539295530524129&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 04A7 43 B
215 B 196ms
194ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=6d6723ed-3165-6f92-dac2-30f92b069144&tv=%7Bc:kWzgXj,pingTime:1,time:1604,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D,%7Bpiv:100,vs:i,r:,t:595%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1009,o:595,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B589~0%5D,as:%5B589~300.600%5D%7D%7D,%7Bsl:i,t:595,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1009~100%5D,as:%5B1009~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:283,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 04A7 43 B
215 B 197ms
195ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=6d6723ed-3165-6f92-dac2-30f92b069144&tv=%7Bc:kWzgXj,pingTime:1,time:1604,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D,%7Bpiv:100,vs:i,r:,t:595%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1009,o:595,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B589~0%5D,as:%5B589~300.600%5D%7D%7D,%7Bsl:i,t:595,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:283,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 04A7 43 B
215 B 197ms
195ms Image
image/gif 2600:1f13:800:7781:b014:6cd:344c:1dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=6d6723ed-3165-6f92-dac2-30f92b069144&tv=%7Bc:kWzgXk,pingTime:1,time:1605,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D,%7Bpiv:100,vs:i,r:,t:595%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1010,o:595,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B589~0%5D,as:%5B589~300.600%5D%7D%7D,%7Bsl:i,t:595,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:283,fm:teabTjz+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18%7C19%7C1a11%7C1b*.1103447-64557513%7C1b1,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:audiit1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b014:6cd:344c:1dbf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

bidswitch
event.clientgear.com/gogocookie/ Frame 0BC8
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5be1cbc7-b9b3-4391-865f-8a89a423e76a
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5be1cbc7-b9b3-4391-865f-8a89a423e76a

0
105 B

118ms
118ms

Image
text/plain

47.252.78.131
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5be1cbc7-b9b3-4391-865f-8a89a423e76a
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:31 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location: https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5be1cbc7-b9b3-4391-865f-8a89a423e76a
date: Thu, 11 Aug 2022 02:01:31 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

match
lbs-ru1.ads.betweendigital.com/ Frame 0BC8
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D%26callback_url%3Dhttps%253A%252F%252Flbs-ru1.ads.betweendigital.com%...
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=9785f0c72ca142689b8deeac1abfaf9a&callback_url=https%3A%2F%2Flbs-ru1.ads.betweendigital.com%2Fmatch%3Fbidder_id%3D42122%26external...
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9785f0c72ca142689b8deeac1abfaf9a&external_matching=1&forward=0

68 B
607 B

286ms
94ms

Image
image/png

88.212.252.22
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9785f0c72ca142689b8deeac1abfaf9a&external_matching=1&forward=0
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.22 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9785f0c72ca142689b8deeac1abfaf9a&external_matching=1&forward=0
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 0BC8
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0zZPFnvHURM.AikABlGCiqKkwg

68 B
607 B

61ms
60ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0zZPFnvHURM.AikABlGCiqKkwg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f14-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0zZPFnvHURM.AikABlGCiqKkwg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 btw
sync.dmp.otm-r.com/match/ Frame 0BC8 0
69 B 196ms
58ms Image
text/plain 195.201.152.104
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=c4a0dfa7-98f9-52df-b513-cba0d7e7a957
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.104 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.104.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:01:30 GMT
server: nginx/1.17.6

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 3C74 4 KB
1 KB 261ms
53ms Document
text/html 151.236.118.210
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=c4a0dfa7-98f9-52df-b513-cba0d7e7a957&CACHEBUSTER=234316
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 11 Aug 2022 02:01:31 GMT
etag: W/"60bf907f-ee9"
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 311
x-cdn-request-id: 44291cdc9d0fcfe73216e9906d557c6d

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B46 42 B
64 B 88ms
88ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu61rNs3mTsQqNgg2F1aJZAoo6-AXBpfqHlYplNHAi5i6FAqQMsFCQyLv9Qj2W3aKLCmLJn0NeZNU_OXt1Ubnc4VlUix1M2Lno9OBa1gNIquXNyXVA-&sig=Cg0ArKJSzExPEwk6RYzeEAE&id=lidar2&mcvt=1001&p=913,480,1163,780&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2829782640&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660183288693&rpt=1108&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9FEF 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Zr1S4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 352D 31 KB
10 KB 54ms
54ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 02:01:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53140
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Thu, 11 Aug 2022 16:47:10 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 507D 0
42 B 185ms
54ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46280870&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:31 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A267 0
743 B 54ms
53ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:30 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f9822ac9-b970-439d-8570-4a799e214d60
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 98EB 2 KB
2 KB 206ms
97ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 140531016f59f2f8d0d1e94209e94cf70e91f794bb14dfd963682f659c947506

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 738d62416b3c7417-LHR
content-encoding: br
content-type: text/html
date: Thu, 11 Aug 2022 02:01:31 GMT
dropped-udsids: 241|39|230|46|218|88|196|176
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaX6UIfWw5XFkePHbV4RcWU8ZMQwht9DQ4%2BOrQhGiLztY7rZhn7vgXONQdFa2%2FjlCxTuwNo1oJfaDN0g39C9ZFpX1Y90sMwsG5dsMpPLiOQ6HbO67ETWWVzFI0KMIzzOlSAOhbMcWmHMMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2

200

bidswitch
event.clientgear.com/gogocookie/ Frame 3C74
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=30b886a3-70b2-4441-8a63-97e118142584
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=30b886a3-70b2-4441-8a63-97e118142584

0
105 B

123ms
123ms

Image
text/plain

47.252.78.131
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=30b886a3-70b2-4441-8a63-97e118142584
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:31 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location: https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=30b886a3-70b2-4441-8a63-97e118142584
date: Thu, 11 Aug 2022 02:01:31 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 352D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6OE9J2Q-D-4QWF

0
921 B

315ms
172ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6OE9J2Q-D-4QWF
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:31 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3D9979B663A246B488770B55DA2BC191 Ref B: FRAEDGE1419 Ref C: 2022-08-11T02:01:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXl7Ytcr5mbvtCvzRPW4Q==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6OE9J2Q-D-4QWF
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 352D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YEKD4m3cTZiYSvHbLz05Cw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YEKD4m3cTZiYSvHbLz05Cw

43 B
556 B

59ms
59ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YEKD4m3cTZiYSvHbLz05Cw

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BWD7VAK5M58QBH1YZRT7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YEKD4m3cTZiYSvHbLz05Cw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 352D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/BLCXMWvEzBFxbP2rODW-jQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516594510570665874

0
239 B

54ms
54ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516594510570665874
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Thu, 11 Aug 2022 02:01:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516594510570665874
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 352D 0
98 B 184ms
61ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 352D 70 B
264 B 68ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 352D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3ClkvZSM5OWLY7gmzYfIw&google_cver=1

0
239 B

55ms
55ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3ClkvZSM5OWLY7gmzYfIw&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3ClkvZSM5OWLY7gmzYfIw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 352D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPRTlKMlEtRC00UVdG

170 B
188 B

64ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPRTlKMlEtRC00UVdG

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZPRTlKMlEtRC00UVdG
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 352D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY1MmU5OTIxYTI4NTUzMzdmOTM5M2NhZDA0NTRlMDBkNDhkY2UzZg

170 B
188 B

64ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY1MmU5OTIxYTI4NTUzMzdmOTM5M2NhZDA0NTRlMDBkNDhkY2UzZg

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY1MmU5OTIxYTI4NTUzMzdmOTM5M2NhZDA0NTRlMDBkNDhkY2UzZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 98EB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvRi-Q80HdQ1jKe6AkuqqAAABKYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvRi-Q80HdQ1jKe6AkuqqAAABKYAAAIB&dcc=t

43 B
645 B

135ms
135ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvRi-Q80HdQ1jKe6AkuqqAAABKYAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3X75ZHRP984PN1KEGB8R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W0J7WPSV6Q42C4XXT4PS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvRi-Q80HdQ1jKe6AkuqqAAABKYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 98EB 70 B
264 B 57ms
53ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 98EB 170 B
188 B 68ms
65ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvRi-Q80HdQ1jKe6AkuqqAAABKYAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 98EB 0
0 169ms
53ms Image
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YvRi.Q80HdQ1jKe6AkuqqAAA%261190
dpm.demdex.net/ Frame 98EB 0
0 249ms
54ms Image
application/json 34.253.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YvRi.Q80HdQ1jKe6AkuqqAAA%261190?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-74-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 98EB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YvRi_wAFiEvUnwAK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvRi_wAFiEvUnwAK&gdpr=1&_test=YvRi_wAFiEvUnwAK

43 B
909 B

78ms
77ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvRi_wAFiEvUnwAK&gdpr=1&_test=YvRi_wAFiEvUnwAK
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 738d62444dd87780-LHR
pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOgbMBFlym8fkdYpzh4OnlmO8oj9ILvg6rcHBqHDWgiU9wPY1nsDybS2IdWJGOH6yc2Mz8BHhY37F3BSDjYYKRf8lxS9pl%2FYa4gC1Jq3Wz9%2BkHOtitNEIgomM2KgQf8Cl8Ka%2ByraEC38ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660183292.512307,VS0,VE0
x-served-by: cache-hhn4021-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvRi_wAFiEvUnwAK&gdpr=1&_test=YvRi_wAFiEvUnwAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 98EB
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
909 B

76ms
75ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 738d6243cd707780-LHR
pragma: no-cache
date: Thu, 11 Aug 2022 02:01:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBZxkpcHXdzrS0xFTv7DGuU6XNWdsIJL47ESNPWZ7GCwD6PqkIWxavWujcTfIt96Ztbh2%2BhIftlRRlSTy%2FxqbpDdKbaIrhjN8NxDos9Wa0hTHz8S1bwNan6HXWLMuJEUQxkQmlX8gMTSvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 11 Aug 2022 02:01:31 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 113
match.deepintent.com/usersync/ Frame 98EB 0
44 B 359ms
116ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:30 GMT
content-length: 0
server: c

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 98EB 43 B
425 B 163ms
54ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YvRi.Q80HdQ1jKe6AkuqqAAA%261190
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gismeteo.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:01:31 GMT
cf-cache-status: HIT
age: 64
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "902a3d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 738d6242d933f3f3-LHR
expires: Thu, 11 Aug 2022 06:01:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080401&jk=3539295530524129&bg=!7O-l76vNAAZGjrx1Zo47ACkAdvg8Wh2G6HHIp20D5aSP-TW3_3xH-v2fqbH7eO7X0QYK9AN21lqbAAIAAABhUgAAAANoAQcKAEXEuAxiA-uykZ1wKwMcwQC6yZiIio7Gj3cfyVxf1Kh2moX3secVvnKOR2TEcIdKbHvnBDBhckG5oehRJVR-wvaxauO50ZuZAq8qlHZ_9NKjIk5sK-IQeGTQU_tQrqxPjmhHv_C_Tlkq-9CbrBec5rvdj3n5Ix9IpCWgG8qoqSChBPwjWlTPtc2GBF4xBNvX3Swjk3SodiGLc884mMPDHShnpoxiTWs-SNPaJLTJBYnL3Mqs4IXIuM8XnoVPBC1HnAAmurubE46ciP4A0_NgC7qDtgM7c-2bk5UDt2z-SNZhLPkgrcS6hSNyB2QlsfDRUJH5SKQAoY3WfbPb7DA5Fl_SnMpAOEq9HudFp2DCa__0Mm59TIFBucWZ64E_EBZblJUzM5U3DF0NNJafeFgD2Y4U-KowrRkMrKkiiy70JhgTfTD82FK7uqgnmVmob57OPmkt8FtYID9lse0TYsXOEjQTUO9qIVLh7wQ2Yt9-VS-PFb50qeknv5_yrIcUms5cl6WRE3VSy2sk-ouZaLqdI6V7g-DyLCIXIe8uqJ5ULfgR-74MhPtMmrQuvj_fdGkttIY-_KROr1HqVwg3Fb2VaS_WRzekYbM28VkzRdjZyQqkExQ3MeY9SIxzeRC6ZNdcFUk3CpGimD2a5yQM4BUM0_f_TiL-OFwOZHIKHwH1uh2xquROBRNKzOtrcCGqn7cDXAY7NCsTWpeWXymSMHYlItVAIJy7Igz4nBWF4e8nWuxnn5d1SA5GCIpgWrTOb6HHG3dgh6MiQjJI4fyFlYFcOP6x-NLzXIPlHaPzr-77I3UnuZROvoRHiQAGh_1fbHXWTVx9kCrgmmrz0-WrizJuCmWJrhF9NZXK-ru6LWJSHYVwnHeyjSQC2URJmteUapVIj_gR32glKpgMJW-i0WsZ5HnYeOnHiAagCq8o0AynkD6yhic9a5Kj8VzOZQHfS0KGlno_x3QswHeGMbrjgf8vtxC1LEeqH4IkYEfqgjggnv7AM9GU1NZuePI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gismeteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

854b55fe-1919-11ed-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame 3C74
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARj7xdGXBqIBEIVLVf4ZGRHthuAAJZDAZHw*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=854b55fe-1919-11ed-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=854b55fe-1919-11ed-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=jD3p4QZBvbt8z%2BGNk7%2F%2Bcw&
https://an.yandex.ru/mapuid/adsniperis/854b55fe-1919-11ed-86e0-002590c0647c
https://an.yandex.ru/mapuid/adsniperis/854b55fe-1919-11ed-86e0-002590c0647c?redir-setuniq=1

43 B
108 B

101ms
101ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/854b55fe-1919-11ed-86e0-002590c0647c?redir-setuniq=1

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:32 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 02:01:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Aug 2022 02:01:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:01:32 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 02:01:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/adsniperis/854b55fe-1919-11ed-86e0-002590c0647c?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Aug 2022 02:01:32 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A267 0
743 B 53ms
53ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:01:31 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7b0d0f40-4725-4b46-a01c-998f31c63cd2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 55E5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
573 B

54ms
54ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=c4a0dfa7-98f9-52df-b513-cba0d7e7a957&CACHEBUSTER=234316
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 02:01:33 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 11 Aug 2022 02:01:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 55E5 31 KB
10 KB 60ms
59ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 02:01:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53137
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Thu, 11 Aug 2022 16:47:10 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 55E5 0
239 B 277ms
56ms Image
image/gif 69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L6OE9J2Q-D-4QWF
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET

234316
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 3C74
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/234316
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/234316

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tns-counter.ru
URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/234316

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gismeteo.ua/ua	1969-12-31 23:59:59	Name: Value: store.test
.www.gismeteo.ua/	1970-01-20 05:52:55	Name: ab_audience_2 Value: 96
.www.gismeteo.ua/	1970-01-20 13:55:19	Name: cityIP Value: 2433
.gismeteo.ua/	1970-01-20 14:45:43	Name: _ga Value: GA1.2.2000690116.1660183287
.gismeteo.ua/	1970-01-20 05:11:09	Name: _gid Value: GA1.2.1216404274.1660183287
.gismeteo.ua/	1970-01-20 05:09:43	Name: _gat Value: 1
.gismeteo.ua/	1970-01-20 14:38:31	Name: __gfp_64b Value: gttsWBJuRzeXLmNNMeq8n52tqURgLZObs4SFN.oP8yH.A7\|1660183286
www.gismeteo.ua/	1970-01-20 14:45:43	Name: cbtYmTName Value: fwRdFhtdRV1HSkpISUpHSkcdSE5KTE1GXQIN
www.gismeteo.ua/	1970-01-20 05:52:55	Name: _pbjs_userid_consent_data Value: 3524755945110770
.gismeteo.ua/	1970-01-20 13:55:19	Name: _pubcid Value: f3a72d15-6e01-4235-8295-cf428e2cdbfd
.hit.gemius.pl/	1970-01-20 14:38:31	Name: Gdyn Value: KlGxJMMGQMQGBVgRRrshLgcissGMXP8c25nSGhgoMKHmupMiGsRPIQlGvGQpSf48SsL8RDcGFsCBI8l8MG..
loadercdn.net/	1970-01-20 14:45:43	Name: vui Value: a7b08cde4f5341829105a105bc5712ee
.admixer.net/	1970-01-20 07:19:19	Name: am-uid Value: ac0b87f1c2474a2396a4b46bf2b96c7c
.betweendigital.com/	1970-01-20 13:55:19	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 13:55:19	Name: tuuid Value: c4a0dfa7-98f9-52df-b513-cba0d7e7a957
.betweendigital.com/	1970-01-20 13:55:19	Name: ss Value: 1
.betweendigital.com/	1970-01-20 13:55:19	Name: unm Value: 1
.adnxs.com/	1970-01-20 07:19:19	Name: icu Value: ChgIgpE2EAoYASABKAEw98XRlwY4AUABSAEQ98XRlwYYAA..
.adnxs.com/	1970-01-20 07:19:19	Name: uuid2 Value: 5165414565218591257
.rubiconproject.com/	1970-01-20 13:55:19	Name: khaos Value: L6OE9J2Q-D-4QWF
.rubiconproject.com/	1970-01-20 13:55:19	Name: audit Value: 1\|hLZGFuTafB19ZFUYOepLd62qEsFCZ0ctSdOhPT1GMTmBH6ymE720AMQMf6CEJNWlgwdVPxbSSNiU44bWCyD7G8xuhZpbWKLtBMWf8c70DSg=
www.gismeteo.ua/	1970-01-20 14:31:19	Name: cto_bidid Value: SPtDvV9uZUUwcEc0VG11eFAxUFR4ODVXNnNXYnFSRiUyQjVUR0FUOW9pek5aTEQlMkJ1anpmeVBoZTFNenpwTk94cHpYcmdhblNVTld4Q2dqVU1jakNEU3k2VWVqN3clM0QlM0Q
www.gismeteo.ua/	1970-01-20 14:31:19	Name: cto_bundle Value: 6ygLil9wR1lzcGRJSDJtTVZNM0YxNHFIVWtpS2xQdzg1bWt6MTBMeTlxTDhuekVGaXJ5T3BYc2FPVVRSTDE3Y0RBZGlxdjNOd3B1VHNQZm1KNEMydEJkVzJIall3MkJhbmthRCUyRlBOam94MUFmUXN5UllrM3RHV2tQamxTV0E5S3NjdE9s
www.gismeteo.ua/	1970-01-20 14:38:31	Name: __gfp_64b Value: nCyGynlWEYswsJVvuhgzqsAkxyV87AQNPY9GPF09xNn._7\|1660183287
.criteo.com/	1970-01-20 14:31:19	Name: uid Value: eba1227a-5ba5-4063-988d-3ed2322c96eb
.gismeteo.ua/	1970-01-20 14:31:19	Name: cto_bundle Value: U_2g_V9wR1lzcGRJSDJtTVZNM0YxNHFIVWtyUDQwSGRyYmVmM1dNSldacXNibUZXeFdCdXZLWFpGb2k1ZGJzVXdKdmM5RGhyeDgwSlNmQnFtMGFvRXhIYVJhZ0t3WUlpJTJGbnQlMkZ5YTdHaDAyUVQ1aWw3TUlXWHl5dzFNYXlmckFFS3VLaUJGVkRVM0FmQkNDQ01zdlRDRFNyQVVBJTNEJTNE
.www.gismeteo.ua/	1970-01-20 14:31:19	Name: cto_bundle Value: U_2g_V9wR1lzcGRJSDJtTVZNM0YxNHFIVWtyUDQwSGRyYmVmM1dNSldacXNibUZXeFdCdXZLWFpGb2k1ZGJzVXdKdmM5RGhyeDgwSlNmQnFtMGFvRXhIYVJhZ0t3WUlpJTJGbnQlMkZ5YTdHaDAyUVQ1aWw3TUlXWHl5dzFNYXlmckFFS3VLaUJGVkRVM0FmQkNDQ01zdlRDRFNyQVVBJTNEJTNE
.gismeteo.ua/	1970-01-20 14:31:19	Name: __gads Value: ID=2c34f688e3e9b673-229e8453edcd0026:T=1660183287:S=ALNI_MYeBn6F_7Rq8buHVDHsI8r4p5OgOA
.doubleclick.net/	1970-01-20 14:31:19	Name: IDE Value: AHWqTUnXA6-qoOgb9e7uFuDjhdBj2lIOpujgGsrBioHTOtA5ItilfCitNpvWbrNkyJk
.casalemedia.com/	1970-01-20 13:55:19	Name: CMID Value: YvRi.Q80HdQ1jKe6AkuqqAAA
.casalemedia.com/	1970-01-20 07:19:19	Name: CMPS Value: 1190
.casalemedia.com/	1970-01-20 07:19:19	Name: CMPRO Value: 1190
.adnxs.com/	1970-01-20 07:19:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImPLlzH)!@wnfH8K6pQK`!5=E<L5?%M51(yDzlfK<#iE(9P=kPqc7`'06@X-(kQuuC+bpRzqF1`b_2q**cLK
.doubleclick.net/	1970-01-20 05:09:46	Name: DSID Value: NO_DATA
.csync.loopme.me/	1970-01-20 07:22:12	Name: viewer_token Value: f3f9d49f-f295-4dd3-a4e4-c4f186bc4fd8
.ads.pubmatic.com/	1970-01-20 05:11:09	Name: KCCH Value: YES
.1rx.io/	1970-01-20 13:55:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f2f5e53e-80fe-42db-ba6a-a0a71699cb0b-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
ads.adlook.me/	1970-01-20 13:55:01	Name: adlm_userId Value: 9785f0c72ca142689b8deeac1abfaf9a
.adhigh.net/	1970-01-20 13:55:19	Name: gi_u Value: 0zZPFnvHURM.AikABlGCiqKkwg
.bidswitch.net/	1970-01-20 13:55:19	Name: c Value: 1660183291
.bidswitch.net/	1970-01-20 13:55:19	Name: tuuid_lu Value: 1660183291
.casalemedia.com/	1970-01-20 13:55:19	Name: CMRUM3 Value: c462f462fb05a0&da62f462fb2760&5862f462fb05a0&2d62f462f905a0CAESEBSzRAQjUAaCFhThoBtZdZU&b062f462fb05a00&f162f462fb05a0&2e62f462fb05a0&2762f462fb0b40&e662f462fb2760
.casalemedia.com/	1970-01-20 05:11:09	Name: CMST Value: YvRi+2L0YvsA
.adhigh.net/	1970-01-20 13:55:19	Name: btw_sync Value: jTp
.bidswitch.net/	1970-01-20 13:55:19	Name: tuuid Value: 30b886a3-70b2-4441-8a63-97e118142584
.betweendigital.com/	1970-01-20 13:55:19	Name: ut Value: YvRi-wAFsQh5lZ6C8AonDBewfyVwKq96kWXiuA==
.everesttech.net/	1970-01-20 13:55:19	Name: everest_g_v2 Value: g_surferid~YvRi_wAFiEvUnwAK
.amazon-adsystem.com/	1970-01-20 10:45:14	Name: ad-id Value: A4S9uzqBhk6ChfQ4f069S94
.amazon-adsystem.com/	1970-01-20 14:45:43	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-20 07:19:19	Name: CMTS Value: 1205
.yahoo.com/	1970-01-20 13:55:40	Name: A3 Value: d=AQABBPti9GICEJ162jLKx6p2bBRscMNqalUFEgEBAQG09WL-YgAAAAAA_eMAAA&S=AQAAAk3uCVNt5vVhnR9xhDuYCq8
.adtelligent.com/	1970-01-20 06:39:00	Name: vmuid Value: 6102a2166880e225
.adtelligent.com/	1970-01-20 06:39:00	Name: a319130 Value: f3f9d49f-f295-4dd3-a4e4-c4f186bc4fd8
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 13:55:19	Name: bcookie Value: "v=2&e5ed6b01-3793-4213-8c79-37a113b01976"
.linkedin.com/	1970-01-20 09:28:55	Name: li_gc Value: MTswOzE2NjAxODMyOTE7MjswMjHH7DVqRsiuxnAQCdxnZxqw+y1+PBp62I1qzBYBt9L9ow==
.linkedin.com/	1970-01-20 05:11:09	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2654:u=1:x=1:i=1660183291:t=1660269691:v=2:sig=AQHsIkGJJyAQpm1dSwwZ-lqLxDtJvWIp"
.bumlam.com/	1970-01-20 14:45:43	Name: suuid3 Value: IiQ4NTRiNTVmZS0xOTE5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/	1970-01-20 14:45:43	Name: __upin Value: jD3p4QZBvbt8z+GNk7/+cw
.aidata.io/	1970-01-20 14:45:43	Name: __upints Value: 1660183292
x01.aidata.io/	1970-01-20 05:09:43	Name: adsnpr Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://galt.hit.gemius.pl/xgemius.js(Line 671) Message: Mixed Content: The page at 'https://www.gismeteo.ua/ua/' was loaded over HTTPS, but requested an insecure frame 'http://ls.hit.gemius.pl/lsget.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/8eea804c-2e52-4ee5-9d84-34e9a61c4833 Message: Mixed Content: The page at 'blob:https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/8eea804c-2e52-4ee5-9d84-34e9a61c4833' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/8eea804c-2e52-4ee5-9d84-34e9a61c4833 Message: Mixed Content: The page at 'blob:https://9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com/8eea804c-2e52-4ee5-9d84-34e9a61c4833' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://www.gismeteo.ua/ua/ Message: The resource https://static.gismeteo.st/assets/bg-header/n_c0.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.gismeteo.ua/ua/ Message: The resource https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9922fdc4a0b1d1a877142cc04be37334.safeframe.googlesyndication.com
a1170.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.adlook.me
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
an.yandex.ru
ap.lijit.com
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
cache.betweendigital.com
cdn.admixer.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
csync.loopme.me
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
galt.hit.gemius.pl
ghb.adtelligent.com
gismeteo.ua
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
lbs-ru1.ads.betweendigital.com
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
match.deepintent.com
mug.criteo.com
node.setupad.com
p4-a2qsindadnnxu-2mq6c5ijb5aoclkq-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prg.smartadserver.com
px.adhigh.net
px.ads.linkedin.com
rss-images.gismeteo.st
rtb.adxpremium.services
rtb.openx.net
s.amazon-adsystem.com
s.update.indexww.com
s.znctrack.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.gismeteo.st
stats.g.doubleclick.net
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.bumlam.com
sync.dmp.otm-r.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
www.gismeteo.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
www.tns-counter.ru
104.18.18.126
104.18.19.126
13.224.195.78
135.125.160.160
135.125.163.79
141.95.98.65
142.250.184.227
142.250.185.162
142.250.185.194
142.250.186.162
146.0.227.109
146.59.30.100
15.197.193.217
151.101.2.49
151.236.118.210
159.89.25.223
176.122.21.131
178.250.2.131
178.250.2.146
178.32.210.227
185.170.60.101
185.184.8.90
185.187.81.40
185.187.81.41
185.64.189.112
188.42.196.115
193.16.47.244
193.232.150.70
195.201.152.104
198.47.127.19
213.19.147.45
216.52.2.30
23.205.235.133
23.35.236.188
23.35.236.201
23.35.236.247
23.75.240.210
2600:1f13:800:7781:b014:6cd:344c:1dbf
2600:9000:21f3:bc00:8:48e:53c0:93a1
2602:803:c004:200::140
2606:4700:20::681a:8b2
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6812:1e31
2606:4700::6812:d4c
2606:4700::6813:ac6c
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:2638::1c
2a02:6b8::90
2a03:90c0:41:2801::254
2a05:d018:d29:3605:9ba9:76c9:a8da:3df
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.120.3.232
31.172.81.158
34.243.93.43
34.253.74.200
34.98.64.218
35.227.252.103
35.244.174.68
37.157.6.245
37.157.6.252
37.252.172.123
37.252.173.22
38.91.45.7
47.252.78.131
52.19.54.25
52.46.151.131
52.95.115.196
62.149.0.72
64.233.167.156
67.202.105.31
69.173.144.138
69.173.144.139
69.173.144.165
79.137.68.72
88.212.252.22
89.108.120.76
002a803dcfb8277a457c082b711c5b421228c403cc814eaf91263619dc254ef5
05fdf9059f82368fa058a4fed88c9b56263934d770af68ea301f57f80be88ca6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af3d16561b4148a08ea9e304f40e94aa720f5d6aa7da0fee2bb0054a0cae0a1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cf3e7f7e3fc1d9339776b0421165d1df19c82be51316ebabd4c8025e3ae22f7
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130abfcf6a76e6eca3a26b5e28c9a3888f781b387f1c4738ab0050c62dc3f011
140531016f59f2f8d0d1e94209e94cf70e91f794bb14dfd963682f659c947506
16de06fe6fa400a8301610279e26648ca4dcbf8637be36a1440aa18c435c3492
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186456f68e798b6aeb8c250949d5568673a796257bfbb9ca6744c2c00d78c324
1ac2ae1f962434b4e47f41cfd67e8fac8c19442cdc4176cb44621698d0427062
217178c16504d4dac920bdb508859f30a2596f6b238f0cf0a2e46eb8be383b1e
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23fe442d4eb490d0275f3762703b2b184dc437109cb29ff093b7a849c16785c6
24fafc1fa0c3b299a3c3fcf81febe43c3470f50d9314afa7b44c80d4cd8c811e
28afb0bf5088962ee2ab6ccd51361d8851bbe38b82cb49acc1c5730fcc25f033
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b
2c514401e90a604925331ebc84676f8154078bef85f98939c6cef73c41e5e4a1
2d406d4745472525da74efe07425fa1c73865f524dccf430f6c0f0e85f6f06b6
2d48083fb1497fd8a18c60cee6cc3d02a5d35400774750a32c88e3df45aa6fb0
2fc41fe2f42902006230e4906e2def2e8551e9fae9584af11883fab423e5f9eb
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
343258b367bfb47c4bcdfa53bb95c5552a89701e36b55396a433505f53dc64d4
3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f
383342421973527061e679c6e5b9a9c86bee08b22a1813c8eb06a60dc5559a87
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ee92a43fad0826c4166fd9845f312fd40918041fadd3fd6b6939f9a95a43d37
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c7f77cb564e20029d53084a16a3f1ba3da49f2d2c08c610584a5020dc9aaf4
41dcd93761b22d74c11581b0ba4fd2684f0fc7833d291ce74ec69edda56e364b
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
44204f2cc649605ced641740d0ea2a213143790e99d33f72cd6b36c3a6364fdf
46a72aa49a1d9c2562b696dc7bd4efcfc5dda84c09d26c174612921053bd24f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6dbfb32929bcb0632adbe542f5ea5c3477a68df6ccf8aa9d487a66276ea68c
4fb127faab61d35a30e2941868508a1d37b60658f3310af0c702b19e2538bed3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
5170e4d29c52bf05240882362068874de560cd4f338b9ea53fedd08369eecddd
53a174b4bf00eb83e8211d8425b45e6785b1af25b1d7df7d731cafcb37dc580e
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551a2aae0d8fd089aad99029ad59ffd98ed9cb0b044b44b9f270fd77b9987510
557811357338530599a2c8e521f644b0d1a0e0fcb0c15d0875a7ffae38b151de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bf22b7e8019ce8c3a895972837a3e5f6c814d9b337c6f3bc632bf64f2dfc29
55ce45f875ee0e83d9f644252cd577f5dc4f40bd84c14461d5317113401f39d0
56ff33ff05a65a7275c4ecf0792cfd9010a6bfc139af4ca18fddc3f4674afc90
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
59e75f4b5d21ed0fd665253c3e284b33eba4dbc3fc7ad89bfe484f73d9f2b0ef
5b93375608ccdd64e2d47f13e20fe34c7eb801b4658b111d0fa173112340a2e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ef9e4a353c5adea27356c57a75527bd31dfaddb0cdaa334dd546f8bacac7fb
6207c8cced34c96e2cde34a3dbc7d9e55cfd41f34e1daa1fe2e8b40b37fb52d4
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48
6465505523ade4d8dccaa539261ae7e9b4cf127c4371a549679ce76029029efb
64c56b1349f1058c78816c89515edc6b381896a8444325e6778f495eb5844c20
65510155fba43504911909ebd5a89b33097335878ff825b6fd565d61a4688404
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69203082f1a1c36dc4a1668c84a1e46b9f660839dd6d4af9e96f48c6d8c0fdaa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc1c3fc7d492379a2182472029cae39c48e7863891cf6503fc2263c636b2589
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75d19b9bf5745d06ab4472468c07fd174802282448222f92bee9d8cc0319116b
75e9a9ef55c4e393993a0639611b68581b6acec37a51c4688e7485e0f510eef4
7f36588c1686ea8015ea40acf5e644e70fb3a9511be7e1f6e08adf1033c49de1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84bd083161b5219244e1832528e9d406eaf523319f8f3b63ce6405596e3a256d
87b56fb2a5700aa5860c79b71347f0d73a73252df23c9863b100e1394d8f5bdc
894aa20536ae6e99f77b8ea596211dc5a629e23fc3bd25be898f78612e245abc
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
920f9bfafa5d92c5b8c96bafa71681a60d34418e5ddcfbd06de5c23b622284e7
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
946226d61cf1a4bede27df1560a5db69f5a71c8d4fe238cbe4c6b771cc022f07
94f977a7908fb59e01a08ef399167efa0a90f29bf9961379a4ffa1f567871b73
953420eb86aa77be590c2525f9a075dd344165d078f61fc5406a423dff6690cd
956cde7966e9c20d669af9e9e052058da4a9afbbfa30392750cea1f04f8628b8
966b455649872dd789acc786aa043c38a8f8a922926762d2dfc063baa5e6874d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9709536c63c0fe7d46b59bcbdbd32a33e8201d32316674a742d003c767b2e2b9
991018d7dc531712bf0a3f814e49b878f7dfd7401705ae41242e8e51a63a141a
99bb23e517678ec44a603b7f053a410e97e715649dd196400a5c444a3fdae6e2
9c08c7d75ed50f7ead3d65bf0488ba70557b8cfb584bd2b31914513d5ca5f7c9
9d63bd999aa9d89764b6ffe145fa9e58d197c941c898170d57af362eea1eb6b6
9ddb6e908317f9ce608643df4a78bad67dbe1374af2c7074065baee16dd8ab74
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56c205b17f172e198b8ecda86282e8e29a86d88d02a39ac120f527fc71bcd17
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cd1f3a11d5062df709209b1b58594d6382458682b6ab3fd611aae52d1c4141
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4efdd51213501c44b4585056e852971897499fb51a54ea4ed7e60e12ee02c0c
b53e7f18bb4f8cf37d6d1e014ce147d7e77654caf1ee39467fc016d87ae6b47c
b849ba37ecb657fa7e5e2a886cff24ba2618536c89c7726d6f8b7ebcbf032c35
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
ba8e5a7f01f6f425af71cbcb179acf3f17678ae8fb350cbf826e707f01517da0
bfc0cb7e95a5d1ab3b6370474546916b96392167fbe192a25aaad121e4c19912
c09f6f272247e80f6d4e24539097da7c11af9b389dc22d29712ef4c332ba1f37
c210a0a3eadddeb40cd8459858c28f2b7e294a75adafef7c13c9d1cc9ab9cb2f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c96dc3927ec0213f3eb18af22c848a96591c50076a4282715af77bcb6433484a
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c97b0999c86c60c4ec6a286cb70241ad4aeb7ab9fc90d13ea338f29396292714
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
cba8b10409c5c4fa6052e0395c960a61fb0017dc08fb3e7973d5fb48ef4c7daa
cd418834729de298692e48148657b0905bab4ce37cdbbf378c60b0739a923bd4
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d4a6a058823e1941fb9dadac766ca12b03b0dbd6db856adfeb19bab11bfb53cd
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
da3a5cb5a8564b127deb036eb0c2dd52dcac09feb1f042311283fd30b9b05501
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dece32ab40024a03d2cac85f4bc3f2405d3879e33c112a996ed91948ac0c6d4d
df94b012428d4a6fdae47f60cf86ffc6eb3e3d115ba5a3e71a287f78b35074db
e0e2516e4d1e2ce67c1b903163bfb78ed015b5fc84c755d77782fad1157903b0
e2b4446b088b671a0551c227061dc3556c5919661d0b217a1f90c0ac5ec03fdf
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4
e5625d5bcd517d85dd87fa8cae8d149220802b7c1697bf5f8a9bb551de92cde7
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e8def5f7f3ad2c44eae866a7bd376b480ca4f5a5e6e861550be18ed4db2d1c55
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
edb993525a345c1dff73ef8a1709f2f3cd74760f1f9327fc19f067450a8bb348
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9
f16e31d0089e0403b95c078217872abd11e9f930e7a7759aec7a5387fee7a418
f34d7c9330d38f0a448ac3c107f2891cfa62c83d1e2ef1e5b2a77b3a6cd75748
f508248fa4625d737b03bd371afadeb7747f2008425dfcfcd0f01df2d606958d
f5fd9ba742c123905aeccd049defeaba15468eef9e9fde8771389f0289344635
f77f2dc9b6f0795bd37c21453e2f478f8f7160ad3b78ba939e003037405e90d6
fb005091457dea1b78131f21eaf6f3718f7a11085501cd0b9ab65448a08fad1f
fc706da7708489e7e72f770c368ad6b362f7b8be58eb221699df21b97eb8fb80
fe2afd17237c8eaeaa6ca240c0af8fcf7464920edcfac8816589ea92322fc31a

www.gismeteo.ua Open in urlscan Pro 193.16.47.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

240 Requests

89 %HTTPS

31 %IPv6

57 Domains

95 Subdomains

79 IPs

15 Countries

2251 kBTransfer

5710 kBSize

61 Cookies

11 Outgoing links

Page URL History

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gismeteo.ua Open in urlscan Pro
193.16.47.244 Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

89 %
HTTPS

31 %
IPv6

57
Domains

95
Subdomains

79
IPs

15
Countries

2251 kB
Transfer

5710 kB
Size

61
Cookies

240 HTTP transactions
7 data transactions