sum.in.ua Open in urlscan Pro
195.242.161.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sum.in.ua/
Submission: On December 14 via api (December 14th 2022, 1:58:40 am UTC) from GB — Scanned from GB

Summary HTTP 138 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 30 IPs in 11 countries across 35 domains to perform 138 HTTP transactions. The main IP is 195.242.161.64, located in Ukraine and belongs to FORTUNE-AS, UA. The main domain is sum.in.ua.

This is the only time sum.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	195.242.161.64 195.242.161.64	47434 (FORTUNE-AS) (FORTUNE-AS)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 2	104.18.3.81 104.18.3.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4 4	18.194.50.17 18.194.50.17	16509 (AMAZON-02) (AMAZON-02)
3 21	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:c4b2:9469:8ead:7508	16509 (AMAZON-02) (AMAZON-02)
4 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 4	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
138	30

6 195.242.161.64 (Ukraine)

ASN47434 (FORTUNE-AS, UA)

sum.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.3.81 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.50.17 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-50-17.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:c4b2:9469:8ead:7508 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.19 (United States) 4 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.209.56 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	410 KB
31	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	91 KB
28	criteo.net static.criteo.net — Cisco Umbrella Rank: 662 pix.eu.criteo.net — Cisco Umbrella Rank: 11597 csm.eu.criteo.net — Cisco Umbrella Rank: 11957	190 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 18634 ads.eu.criteo.com — Cisco Umbrella Rank: 11394 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 14558	85 KB
6	sum.in.ua sum.in.ua	130 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1250	921 B
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 604	3 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413	4 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	187 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	59 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 7344	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 11213	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 727	493 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 350	966 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 503	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 639	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5026	655 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 833	136 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
2	i.ua 1 redirects r.i.ua — Cisco Umbrella Rank: 256725 i.i.ua — Cisco Umbrella Rank: 710850	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	89 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 936	578 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 321	465 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 951	356 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1545	351 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494	588 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 61397	612 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2681	104 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	693 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 216035	759 B
138	35

	Domain	Requested by
21	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
18	static.criteo.net	ads.eu.criteo.com static.criteo.net
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	sum.in.ua pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sum.in.ua
6	pix.eu.criteo.net	ads.eu.criteo.com
6	sum.in.ua	sum.in.ua
4	sync.teads.tv	2 redirects
4	ap.lijit.com	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	x.bidswitch.net	4 redirects
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
3	counter.yadro.ru	2 redirects sum.in.ua
2	onetag-sys.com	1 redirects
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	static.xx.fbcdn.net	www.facebook.com
2	fonts.googleapis.com	cdnjs.cloudflare.com googleads.g.doubleclick.net
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
2	connect.facebook.net	sum.in.ua connect.facebook.net
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	www.facebook.com	connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.hit.ua	sum.in.ua
1	i.i.ua	sum.in.ua
1	r.i.ua	1 redirects
138	45

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
www.i.ua
hit.ua

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh

This page contains 17 frames:

Primary Page: http://sum.in.ua/
Frame ID: D2AC0DA564ED6B39F91259BBC5A21EA9
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1670983114&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1670983114529&bpp=21&bdt=465&idt=346&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=2995779715239&frm=20&pv=2&ga_vid=1508346062.1670983115&ga_sid=1670983115&ga_hid=401274080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=2119683902805873&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Si2S1fKRCN&p=http%3A//sum.in.ua&dtd=369
Frame ID: CF7224B29C239F64F4488218A4832729
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5ktywAAn9kIu8PmAAMMg9gjGZKEMglamolPQA&u=%7C2v6FfEhptRpkUku72Efu1pQR2gnGrOAJAamkdOuAvqw%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDbOiPmOWzW3k71Mbk_DoGTELDxujnS0oLLgEvn1yP-xNFviOZcxUBmuea_fF3F0TZ82EfKrJf5U4iXDLN8p7N0_CqQdBT0JtMOmnuXzwdB7jXdIM7Em698M5Dl9Q65CfL4XmzZvG6Bzncgm-gLdeB78WpoJGDL7702YV4wy5lbZgc0FfkpDl4nPGNzjYwtRq_B6-f5FF0BLIys3xS6LHCdCRM4-WZZfdPeqsYsa0sBUmGtKACwb0f1JckQOtrIIOp1kPsfmOg_t_ndLrOpYGk1M0hRjD-pO6sMzwOi7SoUH5Lk9yH5nEVcndNgGRHlJoRH97lUda1jxRP3vBCAuzAmnbqGxr6becRLPQHM2XqfOAXBWBgacQ8PVWbsU_Nq9JeF9XVtxKKvXde49wKUjeInCPV09GPupxToxJGm1Ms3ijrgPRziDzsGRrX3Qv9cYmKFufCLPFciSnAlWiXIypHQMlSK9Zr3iLEDQo0R5bPK3GUYmBI8COIdllme8na5dKqph2jogf6CYocnj3sVib4_1wkTPcvTuhUWmsnY-Wydhmv0gX3gUX0yQkyA4U-K0xD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAKU4yy2ZY9m_AuaH7_UPg5mM4Abkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEqAFP0LmkCKxzUsLdVeXVp45baVhgtFalHnJQZ40KlC5MR500SrKRu8kONlKP_CJMQYAwaKdvDabxB26rvAToFfo5UrQtlLi-TAbv0QwqKtqh6wof162GBgJLtsyQVLfV0DJq8_Vbo3Is32IAzJbWd7G1eGtY0kiMceXFu-lFlblwrWfJZYz8hS87saUI5JhVSBO6QBCFB3_sy1qeWNC8iKvw_ORptWIYJZmABs-o-caAxtXt8gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27v3P7TDf9KvaRluMPnZ1gA0flcw%26client%3Dca-pub-2843374221922515%26adurl%3D
Frame ID: 472CA3E4E7A225B9E051FFAEF4B22810
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f4f2d47c53104%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ff1658cc2b3c4a9c%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small
Frame ID: BBBBCAF39BF7F3273B7EB67704E1513A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: B8BF5B6D4CF97D24B44188489715C3CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1670983116&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&dt=1670983116105&bpp=3&bdt=2041&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96fc1b157da0a4dc-2275edc40ed900a4%3AT%3D1670983115%3ART%3D1670983115%3AS%3DALNI_MbreJr5WrrQ9GsNXS-WIdyiPkaKsA&gpic=UID%3D00000b925ee29a62%3AT%3D1670983115%3ART%3D1670983115%3AS%3DALNI_MbgUAirRCgTRXDO2ksGcvR33dMmmw&prev_slotnames=6868198912&nras=1&correlator=2995779715239&frm=20&pv=1&ga_vid=1508346062.1670983115&ga_sid=1670983115&ga_hid=401274080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&psts=AMjMPc0X--xc6zLFCs999mZ5sykmEW4XNIirMq33AFYQv-CEiA9XEQ0MoxK3fc5R34YzBfzvzOfoY1l35j0KtQ&pvsid=2119683902805873&tmod=1367643892&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=29
Frame ID: F040B3DDB9C9F5FD14311CBF7B2E89F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B4C605C8894C25A04E1EDDF35419956
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ADCA59197E3F9E01A886A3101BFD2043
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: C04D363B25E234FD67662ED0E1B70EFF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 29C215DD38D9112C6A74BB333A738B33
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4EBBDA903789E37991F1918E30E19AA5
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5ktzAACotIH_Z8MAAh7_pHQHZ5ye5ZX917Czg&u=%7CO3eKcsXq6c7Vb9lb%2FyE7gF82WWt%2FyYLdQMfMnDJ7ZpE%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6vIwM_SX-y2rV8ZNHY5Wggvq8iL2aFnq5ENZXndqcpfP9SQJR5_Ox7hjauID21byvoTRPfQjY1OwwLj9v431qMI8YtdhcGXjVSu6LN4_piuct54w-nh80_S1mnmTFWU2LB5w2xv8VJdDTw9o38der5EBWe9kaaUqqrpR7JybvFKUr-z55i57Rb0X9DhWobc_HnxpzAB-vk1zJOzo_KIfoEDnsIlUOAr8lugVsev9EL5-fU1t3OaRFXe86TaBe4t0VJt998_LpwWNEHe8MWc-lxRUZFiOjaPXNC_ncQw-zFe5KInZYBOgC2xbk1iofsUURJM_EN2UsxsQEEdAUtstXOZDx8rVt3rvlfOdyJcPvw2xAPvfzjZxo3G723fZI0PQMoLJC0pTktpOGz5zwOFlvKJgDeiIKlWBswaCN4J3jMGu0B0S086tnf2L0vMM0WAVldYyUMw_SAuIG8xVOuAlQmtXnX56Cv-cbPCv8jMntakW8Fh5f5mYK-FTh6WyMtJ7BOGL2iCb9glYCafzmAXaj5ZRnuXhXQtz2UFYGngytDLzP4_iZtQd0vsRYT678j0ZOKZi74F5DufIARQuSTP-emilqqhWnFMHk6naCvkkYIohI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj7xhzC2ZY9LFCoy-9u8P_vehuAbkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEqQFP0Dkp-ipgSCslVhFDMxuWk0nUslNxltEzr6sTLqJDNxwlj3WDnYxe0XH2Up35OXKcQIFWLW4KBsRiRVQus-sJncg_5h8JPdCn6o7o6nweWz6hXuIu1F69bn8O4KWcxFwJMvs_s80CDDLcD9liwkwfSejGsKwlAyADzFSR7CvJoSNz1i27ljTPTxhfTVkmcQFH2QaPy5hWWdz0m6pg5XTUHG9H2c1Co9eAgAbPqPnGgMbV7fIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34uF1gihmcevPJGjKjzVeFcOwIVQ%26client%3Dca-pub-2843374221922515%26adurl%3D
Frame ID: 24EC3D30B12A22D9CCFCDD9F54434B28
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1F70136CCF9079BFABEF9ADE8452672
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FE3BACD9827E5BC54D92EFD713B371D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 83AB24128140F6B19EB70F26F2928F26
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: BAF7C998DD9CBF5F5DF5F5A2C86B3722
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: F74EF2E016DE6ED0F5FF7E75C169E44E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Академічний тлумачний словник української мови

Detected technologies

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

138
Requests

79 %
HTTPS

48 %
IPv6

35
Domains

45
Subdomains

30
IPs

11
Countries

1409 kB
Transfer

3623 kB
Size

28
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.i.ua/
Title:

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=80114
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://connect.facebook.net/uk_UA/sdk.js HTTP 307
https://connect.facebook.net/uk_UA/sdk.js

Request Chain 8

http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.8657656842718291 HTTP 302
https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.8657656842718291 HTTP 302
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.8657656842718291

Request Chain 9

http://r.i.ua/s?u122537&p268&n0.001973648467179734&c1&d24&w1600&h1200&rsum.in.ua/ HTTP 302
https://i.i.ua/r/3_3_5.png

Request Chain 87

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBQz3rtGSH6GsfCjj0fVPGU&google_cver=1&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILfSp7i1tI2OQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBQz3rtGSH6GsfCjj0fVPGU&google_cver=1&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILfSp7i1tI2OQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILfSp7i1tI2OQ&google_hm=j7-iF6qLS2mJmUMKuLO9nw==

Request Chain 88

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECBqrgG-MAyEnd_JA48lkMw&google_cver=1&google_push=ASkJ3FYKPOoW5rjcR1-DLf5PDH3GWhu6COb_aGOJPkcsD8uJVmOvBAUnHLGUsnI-q9fJSF-HbNI2_DRtJjcamMqCPX3YOOO5MtFOVU8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYKPOoW5rjcR1-DLf5PDH3GWhu6COb_aGOJPkcsD8uJVmOvBAUnHLGUsnI-q9fJSF-HbNI2_DRtJjcamMqCPX3YOOO5MtFOVU8&google_hm=eS05RGNNQll4RTJwRnNQalltb2lGeW94RDVscGJoZkZCYn5B

Request Chain 89

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_cver=1&google_push=ASkJ3FYAbUYIz-EwOlc0QGu4yroKNqEIH0HhRkywR0ytIqinvzdPahG_w4QstuWn59rR9-AfX30M6kgkWTvvObCXNP71avHtJwrKRA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_push=ASkJ3FYAbUYIz-EwOlc0QGu4yroKNqEIH0HhRkywR0ytIqinvzdPahG_w4QstuWn59rR9-AfX30M6kgkWTvvObCXNP71avHtJwrKRA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzWZbA3aZom_mU27aJQAAAscAAAIB&google_nid=index&google_push=ASkJ3FYAbUYIz-EwOlc0QGu4yroKNqEIH0HhRkywR0ytIqinvzdPahG_w4QstuWn59rR9-AfX30M6kgkWTvvObCXNP71avHtJwrKRA

Request Chain 90

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0XEXZ_eUB_Pi9A HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0XEXZ_eUB_Pi9A&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0XEXZ_eUB_Pi9A&google_hm=Fz-2sGZH7-_-GcqbQZm6glFv

Request Chain 91

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEF25UPdUIyoJeu5P1MiB63c&google_cver=1&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGOnZi_l3YzSP0TtreMmrZ7aHey6yltZ3hdZIVb8GLsfCdcMP_ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEF25UPdUIyoJeu5P1MiB63c&google_cver=1&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGOnZi_l3YzSP0TtreMmrZ7aHey6yltZ3hdZIVb8GLsfCdcMP_&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUE5qUFhkRTJ1SGNzejB1MEFvRkJPbkpSTjU4QjNjZ35B&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGOnZi_l3YzSP0TtreMmrZ7aHey6yltZ3hdZIVb8GLsfCdcMP_

Request Chain 92

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAY9UGPRzdFdk27t3qql080&google_cver=1&google_push=ASkJ3Fbt7TJfz5QdK8AlgSXYh7exgYABUP7SZ6PTivrb-nDVahL2a_hQh48_VcZacZwABZ-fL0SGI1lLjlkNC6fRe7B7SYNdS1Ln478 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3Fbt7TJfz5QdK8AlgSXYh7exgYABUP7SZ6PTivrb-nDVahL2a_hQh48_VcZacZwABZ-fL0SGI1lLjlkNC6fRe7B7SYNdS1Ln478 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 93

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENnbE2Qags4gQgikcb2ZCrg&google_cver=1&google_push=ASkJ3FbcKQ2eGIHuPhsPG-3BO-nuKw6G8hcyioRjKgsBN9-6tAFQs4MP1UfxDV5HwprGuUKti1zjuRTKVDQu4c6ecThMUAtqcBp0mBo HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENnbE2Qags4gQgikcb2ZCrg&google_cver=1&google_push=ASkJ3FbcKQ2eGIHuPhsPG-3BO-nuKw6G8hcyioRjKgsBN9-6tAFQs4MP1UfxDV5HwprGuUKti1zjuRTKVDQu4c6ecThMUAtqcBp0mBo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8fbfa217-aa8b-4b69-8999-430ab8b3bd9f&%%GOOGLE_PUSH_PAIR%%

Request Chain 107

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPc_1yUEtZ40nfGYGxKsZw0&google_cver=1&google_push=ASkJ3Fa5WD9FgKj0LFY_D5EIAK017ppFklERxfHyQMd09qapQxiGRtO3kPHwwR7g8NjLACjRBhLKFwbJik4FE9qrqNVz4mWHi5xG-5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fa5WD9FgKj0LFY_D5EIAK017ppFklERxfHyQMd09qapQxiGRtO3kPHwwR7g8NjLACjRBhLKFwbJik4FE9qrqNVz4mWHi5xG-5w&google_hm=0mQYL7-2QoulAsB_J2Rdvmk

Request Chain 108

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAIOTEcEemd6bBRhBP_6uhQ&google_cver=1&google_push=ASkJ3Fbo-A2anHulBkQzWKSkR0B-KO_SFBc6QVrnv-E6ob48mHkrWQCcO7hsum8v_HN46gaPCKTvmYrPB7aBbSHOIwemp0PAojQ69mov HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxNzgzOTY4NzY2MTcxNw%3D%3D&google_push=ASkJ3Fbo-A2anHulBkQzWKSkR0B-KO_SFBc6QVrnv-E6ob48mHkrWQCcO7hsum8v_HN46gaPCKTvmYrPB7aBbSHOIwemp0PAojQ69mov

Request Chain 109

https://d5p.de17a.com/cookies/google?google_gid=CAESEAKlM-WDQ3zZwxeYAuECBOE&google_cver=1&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrKlhX2SatLNnX HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAKlM-WDQ3zZwxeYAuECBOE&google_cver=1&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrKlhX2SatLNnX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrKlhX2SatLNnX

Request Chain 110

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIVyjP4LeWaLXrzvO5_ZgRY&google_cver=1&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BRpuq6HDcPuS_7cVLZXmjgBrjhrP0n5 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIVyjP4LeWaLXrzvO5_ZgRY&google_cver=1&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BRpuq6HDcPuS_7cVLZXmjgBrjhrP0n5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc1MzAyNzgxMDc3OTUyMTQ1Mw&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BRpuq6HDcPuS_7cVLZXmjgBrjhrP0n5

Request Chain 112

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8jEPNIrCxtI2ffMi HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8jEPNIrCxtI2ffMi&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8jEPNIrCxtI2ffMi&google_hm=Fz-2sGZHIz7JDUi1RF6puER8

Request Chain 115

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMzb29Dcju85-bDZYKIrNkY&google_cver=1&google_push=ASkJ3Fa7VBXue8z0rdAOsmOSMeV9Gjg-KtdzcO6XKLfAwGOt3D0JpCYJahz768-sJx47iHwudW8kObfZ0f4B9ZDrLn-FhB5wkBiODw7W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOMDdEMlktMUotQVgwMQ==&google_push=ASkJ3Fa7VBXue8z0rdAOsmOSMeV9Gjg-KtdzcO6XKLfAwGOt3D0JpCYJahz768-sJx47iHwudW8kObfZ0f4B9ZDrLn-FhB5wkBiODw7W

Request Chain 116

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_cver=1&google_push=ASkJ3FaGI45Het155QCzoycgvOhhvL57yex8AQQTKAfgwBa0vUOqOjGg7AkqjFXPtMd8KYYs7UHXQgBOVcBT9mlodu6fbZM5O224mzg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_push=ASkJ3FaGI45Het155QCzoycgvOhhvL57yex8AQQTKAfgwBa0vUOqOjGg7AkqjFXPtMd8KYYs7UHXQgBOVcBT9mlodu6fbZM5O224mzg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzd3zDx0qPD32a8FsvAAAAsIAAAIB&google_nid=index&google_push=ASkJ3FaGI45Het155QCzoycgvOhhvL57yex8AQQTKAfgwBa0vUOqOjGg7AkqjFXPtMd8KYYs7UHXQgBOVcBT9mlodu6fbZM5O224mzg

Request Chain 117

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFLCna5oMOBmFRFVFzAzEzQ&google_cver=1&google_push=ASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1670983117158 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a437fc6c-07f7-4025-878a-1096c8bbb50b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m%26google_hm%3DA6Q3_GwH90Alh4oQlsi7tQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m&google_hm=A6Q3_GwH90Alh4oQlsi7tQs

Request Chain 118

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOGHw-gInyvMj1XN9FImcEE&google_cver=1&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZRpLKdPUSmjrepAkTWnzGfFIYfTR5LhhNHJoiyEn8jcI6tAj2 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZRpLKdPUSmjrepAkTWnzGfFIYfTR5LhhNHJoiyEn8jcI6tAj2&google_gid=CAESEOGHw-gInyvMj1XN9FImcEE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2OTI2NDc4NDcxNjUzMDU2NTAwOQ%3D%3D&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZRpLKdPUSmjrepAkTWnzGfFIYfTR5LhhNHJoiyEn8jcI6tAj2

Request Chain 119

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGCEXq2QZ1ht_vCQkEXvvQs&google_cver=1&google_push=ASkJ3FZcY0etnuYHfFAKgEfU_BIDhl9A8tRjX4Dpd_a4o3F9hseGTLyBricff0GTd8r1pe0CDLKfsnH9zSvYYvs5WgCt3l2fMf9JIirFjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZcY0etnuYHfFAKgEfU_BIDhl9A8tRjX4Dpd_a4o3F9hseGTLyBricff0GTd8r1pe0CDLKfsnH9zSvYYvs5WgCt3l2fMf9JIirFjg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 120

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAY9UGPRzdFdk27t3qql080&google_cver=1&google_push=ASkJ3FbYWQLaT3BZV3DdxCY3UEnAMmU6NbiO7ar9Alh8b8Z8YeQjgJmkkk4uOWW--Ph5GCdUG81bnh55k7plwmw4zo5H3-kzmGrX4hOVoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FbYWQLaT3BZV3DdxCY3UEnAMmU6NbiO7ar9Alh8b8Z8YeQjgJmkkk4uOWW--Ph5GCdUG81bnh55k7plwmw4zo5H3-kzmGrX4hOVoA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

138 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sum.in.ua/ 9 KB
10 KB 573ms
474ms Document
text/html 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) / PHP/5.3.6
Resource Hash: 34ac4248db1009ac1fe7c9b219b273f9fa425c5f0f7a477945aa781eea4d6d7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Language: ru
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 01:58:33 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=3, max=15
Pragma: no-cache
Server: Apache/2.2.23 (CentOS)
Transfer-Encoding: chunked
X-Powered-By: PHP/5.3.6

GET
H/1.1 200
OK common.css
sum.in.ua/com/ 14 KB
14 KB 84ms
84ms Stylesheet
text/css 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/common.css
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:58:34 GMT
Last-Modified: Mon, 19 Jun 2017 16:31:43 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0c2f-36b7-55252ab982951"
Content-Type: text/css
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=14
Content-Length: 14007

GET
H/1.1 200
OK computer.css
sum.in.ua/com/ 424 B
736 B 157ms
78ms Stylesheet
text/css 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/computer.css
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: 18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:58:34 GMT
Last-Modified: Mon, 07 Apr 2014 12:12:24 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0721-1a8-4f672c7b9ba98"
Content-Type: text/css
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=15
Content-Length: 424

GET
H/1.1 200
OK mootools.js Show response
sum.in.ua/com/ 92 KB
93 KB 165ms
82ms Script
application/x-javascript 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/mootools.js
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: 44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:58:34 GMT
Last-Modified: Tue, 02 Apr 2013 19:18:16 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0877-170eb-4d965996fae00"
Content-Type: application/x-javascript
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=15
Content-Length: 94443

GET
H/1.1 200
OK ajax-nc19.js Show response
sum.in.ua/com/ 10 KB
11 KB 165ms
82ms Script
application/x-javascript 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/ajax-nc19.js
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:58:34 GMT
Last-Modified: Tue, 11 Sep 2018 02:17:27 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c05da-28d2-5758f133b9bc0"
Content-Type: application/x-javascript
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=15
Content-Length: 10450

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 99 KB
36 KB 124ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb06b9d178250196264b7ad9342d7d04a3211c698fa2da13914ccbe0bf5fd88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:58:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 6611440598409416937
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 36190
X-XSS-Protection: 0
Expires: Wed, 14 Dec 2022 01:58:34 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/uk_UA/
Redirect Chain

http://connect.facebook.net/uk_UA/sdk.js
https://connect.facebook.net/uk_UA/sdk.js

3 KB
2 KB

183ms
58ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

650d46707458b3f9cd24807dd3ff21aa229f669b9607430b41f2ab9b4619f95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 01:58:34 GMT
content-md5: QHSXJ1hzK9qy9chxwgy1rw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: MgfiSlwyFkoqbtYLNqQ52RQQIcG6T0GtlWmcz7g9ZCW5C6qkz7eoL0OLbDlHh3DBwFSBGzpn3Xm5u1s/xjw24Q==
x-fb-trip-id: 686109401
x-fb-content-md5: d2731c92712264019605c58792c5d9e4
cross-origin-opener-policy: same-origin-allow-popups
etag: "7ded0ed901802404eab0edb27ba13b53"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 02:11:22 GMT

Redirect headers

Location: https://connect.facebook.net/uk_UA/sdk.js#xfbml=1&version=v2.7
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
118 KB 187ms
81ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf6e98eb0291b5df9d22a4cd5dd4a4894824fe85606c7629197f3f500cca3b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119962
x-xss-protection: 0
server: cafe
etag: 5991093664967510099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:58:34 GMT

GET
H/1.1 200
OK rect.png
sum.in.ua/com/ 2 KB
3 KB 83ms
83ms Image
image/png 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sum.in.ua/com/rect.png
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/com/computer.css
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/com/computer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:58:34 GMT
Last-Modified: Sat, 12 Oct 2013 10:19:45 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0881-8e7-4e88892f91e6e"
Content-Type: image/png
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=14
Content-Length: 2279

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%...
https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439...
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u04...

132 B
618 B

81ms
80ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.8657656842718291

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

61423adde5fbb34edef8c9b622b435c58a1d12df35a9641d19b345e14c9eab1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 01:58:34 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Mon, 13 Dec 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 01:58:34 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.8657656842718291
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 13 Dec 2021 21:00:00 GMT

GET
H2

200

3_3_5.png
i.i.ua/r/
Redirect Chain

http://r.i.ua/s?u122537&p268&n0.001973648467179734&c1&d24&w1600&h1200&rsum.in.ua/
https://i.i.ua/r/3_3_5.png

1 KB
2 KB

143ms
65ms

Image
image/png

104.18.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.i.ua/r/3_3_5.png
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: H2
Server: 104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:34 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Mar 2007 13:53:49 GMT
server: cloudflare
age: 10405227
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 779355d3b91fe5a3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1187
expires: Thu, 27 Jul 2023 22:34:33 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 01:58:34 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location: https://i.i.ua/r/3_3_5.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 779355d24a05074f-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: 0

GET
H/1.1 200
OK hit Show response
c.hit.ua/ 319 B
759 B 198ms
83ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.9469801407807201&r=&u=http%3A//sum.in.ua/
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: 73f871b2c767ab1e0f31592410c6c44d979291584d07077223dfad4a12bfa92d

Request headers

Referer: http://sum.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 01:58:34 GMT
Server: nginx/1.17.9
Transfer-Encoding: chunked
Content-Type: application/x-javascript
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 306 KB
87 KB 120ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=eee34c4512921bcf8248abdceeb1e4ec

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f0019d0fc22d6093d828cee7823f4e7780927285023ad3481fa4c65dbde3f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://sum.in.ua/
Origin: http://sum.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 01:58:34 GMT
content-md5: /OBPeteDwGNkTsz6Poq/tg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88621
x-fb-rlafr: 0
x-fb-debug: qogGf+fNNwErNriarU65z49c9MkflGAu3TWPEumLzABTOjBo+ecxetRekDYN4g3H4e5tx/mvej1jLW5SxFtjIA==
x-fb-content-md5: 67abbb7b01d83c31aafd184c793cc9c2
cross-origin-opener-policy: same-origin-allow-popups
etag: "337423e85053aad224b031b61e29eec6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Dec 2023 01:07:59 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
693 B 161ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sum.in.ua&callback=_gfp_s_&client=ca-pub-2843374221922515&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be4f7e091bd8b0d2d551992d7c2c68c8c271f1506bf724868734056183de18c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 177ms
58ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 162ms
57ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF72 22 KB
10 KB 284ms
178ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1670983114&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1670983114529&bpp=21&bdt=465&idt=346&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=2995779715239&frm=20&pv=2&ga_vid=1508346062.1670983115&ga_sid=1670983115&ga_hid=401274080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=2119683902805873&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Si2S1fKRCN&p=http%3A//sum.in.ua&dtd=369

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3eab8951a1acb8c56015baad95c754bee9929c8375cfc37dcea5c8a0f00c2c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9812
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:58:35 GMT
expires: Wed, 14 Dec 2022 01:58:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CF72 3 KB
1 KB 167ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1670983114&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1670983114529&bpp=21&bdt=465&idt=346&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=2995779715239&frm=20&pv=2&ga_vid=1508346062.1670983115&ga_sid=1670983115&ga_hid=401274080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=2119683902805873&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Si2S1fKRCN&p=http%3A//sum.in.ua&dtd=369

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:55:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CF72 18 KB
8 KB 162ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF72 153 KB
47 KB 72ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:58:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF72 0
0 188ms
94ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzgLByy2ZY9m_AuaH7_UPg5mM4Abkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEpQFP0LmkCKxzUsLdVeXVp45baVhgtFalHnJQZ40KlC5MR500SrKRu8kONlKP_CJMQYAwaKdvDabxB26rvAToFfo5UrQtlLi-TAbv0QwqKtqh6wof162GBgJLtsyQVLfV0DJq8_Vbo3Is32IAzJbWd7G1eGtY0kiMceXFu-lFlblw72Xo919edyqoQ6qQZ_zJ4xCuSqyPKWc3RcH6xHEDlofoLWODsPGABs-o-caAxtXt8gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI4NDMzNzQyMjE5MjI1MTUYAA&sigh=bUsXDETWGnM&uach_m=[UACH]&cid=CAQSGwDq26N9m1kqLvbAQ2okYVHF1fv0KcnE4RlTuhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1670983114&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1670983114529&bpp=21&bdt=465&idt=346&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=2995779715239&frm=20&pv=2&ga_vid=1508346062.1670983115&ga_sid=1670983115&ga_hid=401274080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=2119683902805873&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Si2S1fKRCN&p=http%3A//sum.in.ua&dtd=369
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 01:58:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Dec 2022 01:58:35 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame CF72 0
0 124ms
41ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvGyFIyvMNQDPIf6VxgCAAAAehi5CxI4APha3z3uEMotmWNHCPd8gDpq9NLAOwASAAA&wp=Y5ktywAAn9kIu8PmAAMMg9gjGZKEMglamolPQA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 320270
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 472C 115 KB
41 KB 164ms
81ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5ktywAAn9kIu8PmAAMMg9gjGZKEMglamolPQA&u=%7C2v6FfEhptRpkUku72Efu1pQR2gnGrOAJAamkdOuAvqw%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDbOiPmOWzW3k71Mbk_DoGTELDxujnS0oLLgEvn1yP-xNFviOZcxUBmuea_fF3F0TZ82EfKrJf5U4iXDLN8p7N0_CqQdBT0JtMOmnuXzwdB7jXdIM7Em698M5Dl9Q65CfL4XmzZvG6Bzncgm-gLdeB78WpoJGDL7702YV4wy5lbZgc0FfkpDl4nPGNzjYwtRq_B6-f5FF0BLIys3xS6LHCdCRM4-WZZfdPeqsYsa0sBUmGtKACwb0f1JckQOtrIIOp1kPsfmOg_t_ndLrOpYGk1M0hRjD-pO6sMzwOi7SoUH5Lk9yH5nEVcndNgGRHlJoRH97lUda1jxRP3vBCAuzAmnbqGxr6becRLPQHM2XqfOAXBWBgacQ8PVWbsU_Nq9JeF9XVtxKKvXde49wKUjeInCPV09GPupxToxJGm1Ms3ijrgPRziDzsGRrX3Qv9cYmKFufCLPFciSnAlWiXIypHQMlSK9Zr3iLEDQo0R5bPK3GUYmBI8COIdllme8na5dKqph2jogf6CYocnj3sVib4_1wkTPcvTuhUWmsnY-Wydhmv0gX3gUX0yQkyA4U-K0xD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAKU4yy2ZY9m_AuaH7_UPg5mM4Abkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEqAFP0LmkCKxzUsLdVeXVp45baVhgtFalHnJQZ40KlC5MR500SrKRu8kONlKP_CJMQYAwaKdvDabxB26rvAToFfo5UrQtlLi-TAbv0QwqKtqh6wof162GBgJLtsyQVLfV0DJq8_Vbo3Is32IAzJbWd7G1eGtY0kiMceXFu-lFlblwrWfJZYz8hS87saUI5JhVSBO6QBCFB3_sy1qeWNC8iKvw_ORptWIYJZmABs-o-caAxtXt8gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27v3P7TDf9KvaRluMPnZ1gA0flcw%26client%3Dca-pub-2843374221922515%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

282cea909585f898ee48a49cbbba6cb6b982e5d4e0945dfa0ef7e05dadcec4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:58:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ujZhglUhXcO1gekKkiAJHb7q3fCie5NluZQi2l6bjyCG6v3oGGGyYCsGcb6WE9V1ydmgJvj3BsS-G6HgmhPryQkp_WbtxVxIwxh0afsy1gpZO0RvfuBqOWxjbPKq2ZTsY93y133XbnElIgps0HAbW2gBSKLqdxLw6cb2FMMdbVmDZ8D5A5YrEBGK-492cwf05Z81jpe4CXZo1JDw33EgLu9J0mdPFRW_XIPf82f-ARUzjtbVAza9z9CK-75KocRE4vA2pg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 39892388
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame CF72 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dd1bfea44aef572ec70da13521e4a15e8738cea0038862a6ae6471e3ee212ab

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 472C 2 KB
1 KB 132ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5ktywAAn9kIu8PmAAMMg9gjGZKEMglamolPQA&u=%7C2v6FfEhptRpkUku72Efu1pQR2gnGrOAJAamkdOuAvqw%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDbOiPmOWzW3k71Mbk_DoGTELDxujnS0oLLgEvn1yP-xNFviOZcxUBmuea_fF3F0TZ82EfKrJf5U4iXDLN8p7N0_CqQdBT0JtMOmnuXzwdB7jXdIM7Em698M5Dl9Q65CfL4XmzZvG6Bzncgm-gLdeB78WpoJGDL7702YV4wy5lbZgc0FfkpDl4nPGNzjYwtRq_B6-f5FF0BLIys3xS6LHCdCRM4-WZZfdPeqsYsa0sBUmGtKACwb0f1JckQOtrIIOp1kPsfmOg_t_ndLrOpYGk1M0hRjD-pO6sMzwOi7SoUH5Lk9yH5nEVcndNgGRHlJoRH97lUda1jxRP3vBCAuzAmnbqGxr6becRLPQHM2XqfOAXBWBgacQ8PVWbsU_Nq9JeF9XVtxKKvXde49wKUjeInCPV09GPupxToxJGm1Ms3ijrgPRziDzsGRrX3Qv9cYmKFufCLPFciSnAlWiXIypHQMlSK9Zr3iLEDQo0R5bPK3GUYmBI8COIdllme8na5dKqph2jogf6CYocnj3sVib4_1wkTPcvTuhUWmsnY-Wydhmv0gX3gUX0yQkyA4U-K0xD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAKU4yy2ZY9m_AuaH7_UPg5mM4Abkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEqAFP0LmkCKxzUsLdVeXVp45baVhgtFalHnJQZ40KlC5MR500SrKRu8kONlKP_CJMQYAwaKdvDabxB26rvAToFfo5UrQtlLi-TAbv0QwqKtqh6wof162GBgJLtsyQVLfV0DJq8_Vbo3Is32IAzJbWd7G1eGtY0kiMceXFu-lFlblwrWfJZYz8hS87saUI5JhVSBO6QBCFB3_sy1qeWNC8iKvw_ORptWIYJZmABs-o-caAxtXt8gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27v3P7TDf9KvaRluMPnZ1gA0flcw%26client%3Dca-pub-2843374221922515%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:35 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 472C 2 KB
1 KB 138ms
47ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 472C 308 B
636 B 129ms
43ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 09 Dec 2023 01:58:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 472C 293 B
621 B 130ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 09 Dec 2023 01:58:35 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 472C 43 B
348 B 141ms
47ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0MmDmpbC7mbtG6B0AM81oIpvy_3ZND8spkR-_nbdNzM8APbty4M8B4Exoz9PIlthTfYc8iM5vQtODAC5JQy4UXxxe87aO__K9jn7uLyMFcxN9jujU7YX9zC0dHHT1l_SC7LFGKSJadS_017OewUg41zqPrNVPECc5Eo5C7YHECtvMdDlgc-Q8YfvDfDeyZzNSoElGXu0Hx4mO2wbSPa1K6TKww4VGiS48YYxj8hsCBCAZ7qyzwyIIz9VBrA3B1PQN-N4bYZFw5hApx58pzuaOfTfTXubmkSm8G4o769jZgrAQqjc9OK8LShVupXFFUECRu9pLwD2dvtcngmgCDs7WuuotMmGT7uN98aECxHELko6nr5Ffzzef2fLBS_YcsUtTpbstA9JrLmqaSBC3TVctfVQoUBV8lW7I00wR9fx1lvNn1Ag

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2716126
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 472C 12 KB
5 KB 137ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1061676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmHTWjJj7W6YX4gMs1RAPvfc1O3gELDWGn8jm1q5Gn4zYS9BtGLs7zxuzP7MN7ke4BuvWzvUG7AQjGBosdhQmBIIu6YQ0eMcVWcAPIP0VHAca5BJeMSqYSeOJ9auHxsWmYiojJBXnSxk3Q2tiABjNeGO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 779355d88c407698-LHR
expires: Mon, 04 Dec 2023 01:58:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 472C 12 KB
6 KB 131ms
51ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 472C 9 KB
9 KB 127ms
41ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=83486&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F15191%2F200729%2F69fea1dc62e44d058c8924ee41fcf747_babbel-logo.7aa2e9b55ad748e39c0b5ad7c32c1088.png&v=3&w=236&s=Sdc7_sfzoeA0TuTMUIlnBHct

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b6f4cfdce8e72f069b31dfec2e25d3a06b71eb1768d2e7e835c7ebdffa7fdf8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30345986
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9313
expires: Thu, 30 Nov 2023 07:25:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 472C 31 KB
31 KB 129ms
43ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=83486&q=80&r=0&u=https%3A%2F%2Fads.babbel.com%2Fretargeting%2FImages%2Bfor%2Bretargeting%2FPhone_Flag_SPA.png&v=3&w=400&s=V6VtquDVo3J1Ie2zS6OyMjAo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8689099114535a45a372df8c207eab067759dd17a2632356673223a6643f7c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31606
expires: Sat, 09 Dec 2023 01:58:35 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 472C 0
128 B 130ms
44ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ujZhglUhXcO1gekKkiAJHb7q3fCie5NluZQi2l6bjyCG6v3oGGGyYCsGcb6WE9V1ydmgJvj3BsS-G6HgmhPryQkp_WbtxVxIwxh0afsy1gpZO0RvfuBqOWxjbPKq2ZTsY93y133XbnElIgps0HAbW2gBSKLqdxLw6cb2FMMdbVmDZ8D5A5YrEBGK-492cwf05Z81jpe4CXZo1JDw33EgLu9J0mdPFRW_XIPf82f-ARUzjtbVAza9z9CK-75KocRE4vA2pg&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 472C 2 KB
1 KB 113ms
49ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 472C 2 KB
1 KB 47ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 472C 3 KB
1 KB 170ms
58ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:58:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 01:58:35 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 472C 30 KB
31 KB 157ms
47ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 35546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 16:06:09 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
48 KB 189ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1616427bb47a926ce6d35f767c32c4fdb57e111cdb14d0a841a20ee436871f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49495
x-xss-protection: 0
server: cafe
etag: 1259078685911314195
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:58:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 159ms
61ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f5b2f79b5809fce8bc74c1f93a01ab844abe93c6e823e51d59705ccd2532c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11217
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v2.7/plugins/ Frame BBBB 65 KB
19 KB 266ms
148ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f4f2d47c53104%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ff1658cc2b3c4a9c%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=eee34c4512921bcf8248abdceeb1e4ec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79e9a60da5ab796fea19a2a0126048842d6329ca2b19ce4f0ea48297204f5e07

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 14 Dec 2022 01:58:36 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: S7GzSz9S+u2NJn8kJojbjkCNfyVondXQQmQj1S0MTsgDh3fQsg19ldbxs6om6qWPhj5Mvn1OYtAQXu0FsQ6Gsw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 153ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:58:36 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame B8BF 10 KB
4 KB 47ms
47ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 17:06:10 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 17:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 160ms
58ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 154ms
56ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F040 291 KB
61 KB 369ms
368ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1670983116&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&dt=1670983116105&bpp=3&bdt=2041&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D96fc1b157da0a4dc-2275edc40ed900a4%3AT%3D1670983115%3ART%3D1670983115%3AS%3DALNI_MbreJr5WrrQ9GsNXS-WIdyiPkaKsA&gpic=UID%3D00000b925ee29a62%3AT%3D1670983115%3ART%3D1670983115%3AS%3DALNI_MbgUAirRCgTRXDO2ksGcvR33dMmmw&prev_slotnames=6868198912&nras=1&correlator=2995779715239&frm=20&pv=1&ga_vid=1508346062.1670983115&ga_sid=1670983115&ga_hid=401274080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&psts=AMjMPc0X--xc6zLFCs999mZ5sykmEW4XNIirMq33AFYQv-CEiA9XEQ0MoxK3fc5R34YzBfzvzOfoY1l35j0KtQ&pvsid=2119683902805873&tmod=1367643892&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cf95c00de62248babad1a112971905536f8c157885d89c86b0b0aae1678ff7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 62333
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:58:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame BBBB 299 B
560 B 57ms
56ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f4f2d47c53104%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ff1658cc2b3c4a9c%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: tVUL4rXexE3CBJeJJYXwXUGnSz/Cwm/zRgeEfd3EomiwyVnZxz2VUt9ZrgHWVZ0t64e3psEZ7BJZE+82qqSzyg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Dec 2023 06:12:43 GMT

GET
H2 200 ojZ3lkPiziE.js Show response
static.xx.fbcdn.net/rsrc.php/v3il1s4/y9/l/uk_UA/ Frame BBBB 526 KB
135 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3il1s4/y9/l/uk_UA/ojZ3lkPiziE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c928c679bf15f01e62855b4e1c6abd2b9c5afff55cc0a5158ab2ce4eb35d2a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6yuKQa+NqjbDHQdynJ+cDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138133
x-fb-rlafr: 0
x-fb-debug: YY+Nn1eNFC7uyzNPL1XDy+alJiZgqLmEOqsfZCBRR8C7PLPbdLUHAwtoQvh8+wojgjKJKSaoOZZJDWNGZVhPJA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 13 Dec 2023 21:28:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B4C 13 KB
5 KB 49ms
48ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 10552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 23:02:44 GMT
expires: Wed, 13 Dec 2023 23:02:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ADCA 783 B
1 KB 162ms
58ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

924c854dc873c62b70970dccef51816de682011324cd4e85dc6feffebf82fa7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CxsHFlOw8lJ7e08V2JCqng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-CxsHFlOw8lJ7e08V2JCqng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:58:36 GMT
expires: Wed, 14 Dec 2022 01:58:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B4C 36 KB
16 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ADCA 0
0 82ms
82ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2119683902805873&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6B4C 0
10 B 47ms
46ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gzGccQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF72 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssonJiayIcbZIOvh9GCS0s5yZUmPEu4bBOGqBPxofqMWLtCZjMpa73S5h_SP2KVBcKQDseotNhkyTllZ9WQVPv8yy2Z&sig=Cg0ArKJSzMMHyx9ARADFEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2404697248&rs=2&la=0&cr=0&vs=4&r=v&rst=1670983114900&rpt=583&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 472C 0
127 B 41ms
41ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 01:58:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aa2dd71bfb7389b0bfdbab2fbe524408aac661c23fab815112a782c8ffb5413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 2785088195152415767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:58:36 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 62ms
61ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
62ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame C04D 10 KB
4 KB 48ms
48ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 84673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 02:27:23 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 02:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 29C2 10 KB
4 KB 48ms
47ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 84673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 02:27:23 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 02:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 4EBB 10 KB
4 KB 50ms
49ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 84673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 02:27:23 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 02:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C04D 4 KB
621 B 151ms
56ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:47:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 01:58:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C04D 2 KB
765 B 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C04D 0
0 93ms
93ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CifdzzC2ZY9DFCoy-9u8P_vehuAbeueL0benEqLyeEJyGk8CwARABIJmQug5gu4aAgNAKoAG3mIGiKMgBCakCukGqoKhvez6oAwHIA8sEqgS8AU_Q7WLp0SMKSI5GY5IPIEBau2oJ0YN_0C_PBo2i3LO9TT7zjU-WxFQ470bWlVpbxcqHsSPs-i6oNDXyKrd4YA0pPE-LY-FuyJwWIagh2HdsPrRlTjSoPs0qVZDogm3TbWQ0ub8xAiDNDfKFWjq7RKFgN2SrmLCMj_QbXOY3FYwZY_FdLfi7tyt59G4N1B5fT_cfCcyN-ZkuBZC_q1M1vBfa0hcfNMg5A-ORyvfu-XLPtbtSoOHcLJFSW6BIwASOmcnVlASSBQQIBBgBkgUECAUYBKAGLoAH7J79yQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCn7RTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMjg0MzM3NDIyMTkyMjUxNRgA&sigh=C5Oi-SdOZZ4&uach_m=[UACH]&cid=CAQSPADq26N9tQK1KWM2MztP7d-FXYMqOX-xaBMaIsIeplYiqsEUNtiaSV01_YKHrvpFpsGlUk2AnD53gSR4HRgBIBM&template_id=484

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 01:58:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame C04D 23 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C04D 3 KB
1 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:55:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C04D 18 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C04D 0
0 153ms
56ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_pXQhB2BUdlBE63dSpHaVcW9L0F-mxW11drWZxYPa-X1ZyDCzn30a08_lEZS_2jiHWOOvxUUgHO6L9whTcr1VYASyGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C04D 153 KB
47 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:58:36 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame C04D 34 KB
14 KB 155ms
48ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:16:52 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/4266227672771990750/ Frame C04D 14 KB
14 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4266227672771990750/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95cdbd06b614b5e27eea2420fcdb61645df71ba1a6323643c351e7c48ebda220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:23:24 GMT
x-content-type-options: nosniff
age: 365712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14585
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 10:18:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 20:23:24 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17193986604119799349/ Frame C04D 7 KB
7 KB 87ms
87ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17193986604119799349/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

207de62d2630cd8e92e0e099ca1e5eeab86b28519994b3e428475874596efe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:12:36 GMT
x-content-type-options: nosniff
age: 143160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6790
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 08:37:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Dec 2023 10:12:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 29C2 2 KB
765 B 81ms
81ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 29C2 23 KB
9 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 29C2 3 KB
1 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:55:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 29C2 18 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 29C2 0
0 136ms
54ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT67CsoqhAAyZzg106v0Eu1lpiQufzmHHHBASeE_LjHpi5hW0hoyREVxZsOLLRjhr0gKIAyWz4vO-glMFn74RPTGjIAKA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29C2 153 KB
47 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:58:36 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 29C2 34 KB
14 KB 152ms
60ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:16:52 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 24EC 121 KB
43 KB 80ms
80ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5ktzAACotIH_Z8MAAh7_pHQHZ5ye5ZX917Czg&u=%7CO3eKcsXq6c7Vb9lb%2FyE7gF82WWt%2FyYLdQMfMnDJ7ZpE%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6vIwM_SX-y2rV8ZNHY5Wggvq8iL2aFnq5ENZXndqcpfP9SQJR5_Ox7hjauID21byvoTRPfQjY1OwwLj9v431qMI8YtdhcGXjVSu6LN4_piuct54w-nh80_S1mnmTFWU2LB5w2xv8VJdDTw9o38der5EBWe9kaaUqqrpR7JybvFKUr-z55i57Rb0X9DhWobc_HnxpzAB-vk1zJOzo_KIfoEDnsIlUOAr8lugVsev9EL5-fU1t3OaRFXe86TaBe4t0VJt998_LpwWNEHe8MWc-lxRUZFiOjaPXNC_ncQw-zFe5KInZYBOgC2xbk1iofsUURJM_EN2UsxsQEEdAUtstXOZDx8rVt3rvlfOdyJcPvw2xAPvfzjZxo3G723fZI0PQMoLJC0pTktpOGz5zwOFlvKJgDeiIKlWBswaCN4J3jMGu0B0S086tnf2L0vMM0WAVldYyUMw_SAuIG8xVOuAlQmtXnX56Cv-cbPCv8jMntakW8Fh5f5mYK-FTh6WyMtJ7BOGL2iCb9glYCafzmAXaj5ZRnuXhXQtz2UFYGngytDLzP4_iZtQd0vsRYT678j0ZOKZi74F5DufIARQuSTP-emilqqhWnFMHk6naCvkkYIohI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj7xhzC2ZY9LFCoy-9u8P_vehuAbkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEqQFP0Dkp-ipgSCslVhFDMxuWk0nUslNxltEzr6sTLqJDNxwlj3WDnYxe0XH2Up35OXKcQIFWLW4KBsRiRVQus-sJncg_5h8JPdCn6o7o6nweWz6hXuIu1F69bn8O4KWcxFwJMvs_s80CDDLcD9liwkwfSejGsKwlAyADzFSR7CvJoSNz1i27ljTPTxhfTVkmcQFH2QaPy5hWWdz0m6pg5XTUHG9H2c1Co9eAgAbPqPnGgMbV7fIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34uF1gihmcevPJGjKjzVeFcOwIVQ%26client%3Dca-pub-2843374221922515%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

16bccc67ee3adf79edc4b3a9c0196c43a240f0c834ef41290fb6a698385464e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:58:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=UUNJ_lUhXcO1gekKi6y6MT7wTkZZGfFRcBHTG79k33zCd3yzqPUfV9S5QGpV-Yo-OhblUw79Uzc5PuB3T75I2ZCsJwy9lONeuMKfSPLMXnlUYFBtW_zsyaaDp25fIgN4Vuqd4FbJWv9TJWcC_wdEux6lypD5WRr29c03k1tO8MPhgCOatXakruf0Ugf29vUJuIiqCWYkYu-4mMKn6RDUQXR7ZWomPum3_T0nVBg99yUCEocCzExAn2REdJI9oNconZQrOA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 37689618
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4EBB 3 KB
1 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:55:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B1F7 1 KB
643 B 48ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 53820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4EBB 18 KB
7 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4EBB 0
0 129ms
55ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3yV3EhUbmUwppPv3toGmnllUfawWBXqrryG9EFHH1chge8fdpCktC2YZiOyuRUfix_tvyGK17AP4OMXDqfOg29OjGeA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EBB 153 KB
47 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:58:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9FE3 1 KB
643 B 52ms
52ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 53820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C04D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e94fa795b7f0b5852074145df4745c69165736f78405e86c834ef93b1e952570

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 83AB 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 53820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1F7
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBQz3rtGSH6GsfCjj0fVPGU&google_cver=1&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILf...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBQz3rtGSH6GsfCjj0fVPGU&google_cver=1&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILfSp7i1tI2OQ&google_hm=j7-iF6qLS2mJmUMKuLO9nw==

170 B
188 B

89ms
59ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILfSp7i1tI2OQ&google_hm=j7-iF6qLS2mJmUMKuLO9nw==

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILfSp7i1tI2OQ&google_hm=j7-iF6qLS2mJmUMKuLO9nw==
date: Wed, 14 Dec 2022 01:58:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1F7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECBqrgG-MAyEnd_JA48lkMw&google_cver=1&google_push=ASkJ3FYKPOoW5rjcR1-DLf5PDH3GWhu6COb_aGOJPkcsD8uJVmOvBAUnHLGUsnI-q9fJSF-HbNI2_DRtJjcamMqCPX3YOOO...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYKPOoW5rjcR1-DLf5PDH3GWhu6COb_aGOJPkcsD8uJVmOvBAUnHLGUsnI-q9fJSF-HbNI2_DRtJjcamMqCPX3YOOO5MtFOVU8&google_hm=eS05RGNNQll4RTJwRnN...

170 B
188 B

157ms
61ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYKPOoW5rjcR1-DLf5PDH3GWhu6COb_aGOJPkcsD8uJVmOvBAUnHLGUsnI-q9fJSF-HbNI2_DRtJjcamMqCPX3YOOO5MtFOVU8&google_hm=eS05RGNNQll4RTJwRnNQalltb2lGeW94RDVscGJoZkZCYn5B

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 14 Dec 2022 01:58:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYKPOoW5rjcR1-DLf5PDH3GWhu6COb_aGOJPkcsD8uJVmOvBAUnHLGUsnI-q9fJSF-HbNI2_DRtJjcamMqCPX3YOOO5MtFOVU8&google_hm=eS05RGNNQll4RTJwRnNQalltb2lGeW94RDVscGJoZkZCYn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1F7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzWZbA3aZom_mU27aJQAAAscAAAIB&google_nid=index&google_push=ASkJ3FYAbUYIz-EwOlc0QGu4yroKNqEIH0HhR...

170 B
188 B

139ms
58ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzWZbA3aZom_mU27aJQAAAscAAAIB&google_nid=index&google_push=ASkJ3FYAbUYIz-EwOlc0QGu4yroKNqEIH0HhRkywR0ytIqinvzdPahG_w4QstuWn59rR9-AfX30M6kgkWTvvObCXNP71avHtJwrKRA

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JP6Eb2eR4cpm7ar6wRjsU3lgLYnkoJjZCCLSTYg0f%2F2lS4h7kAd8s7zI0BLNW7DN%2FdGqxF51eAPDoAwQJzi1YUoe9286s8OiDJysu%2Bz87TxAKmpjQdkvxGaLGxIKxCRfcazCk9qsDeysuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzWZbA3aZom_mU27aJQAAAscAAAIB&google_nid=index&google_push=ASkJ3FYAbUYIz-EwOlc0QGu4yroKNqEIH0HhRkywR0ytIqinvzdPahG_w4QstuWn59rR9-AfX30M6kgkWTvvObCXNP71avHtJwrKRA
cache-control: no-cache
cf-ray: 779355e219543601-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1F7
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0XEXZ_eUB_Pi9A&google_hm=Fz-2sGZH7-_-GcqbQZm6...

170 B
188 B

158ms
63ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0XEXZ_eUB_Pi9A&google_hm=Fz-2sGZH7-_-GcqbQZm6glFv

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 14 Dec 2022 01:58:37 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FanL50xG4SYbYwSv2eS-_xTnjRxxrYxb-BGjiOG6qW-B6JEftjTcnLXhadPhRjERnhUmLaTEqyIhJDGuDTh0XEXZ_eUB_Pi9A&google_hm=Fz-2sGZH7-_-GcqbQZm6glFv
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1F7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEF25UPdUIyoJeu5P1MiB63c&google_cver=1&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGOnZi_l3YzSP0TtreMm...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEF25UPdUIyoJeu5P1MiB63c&google_cver=1&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGOnZi_l3YzSP0TtreMm...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUE5qUFhkRTJ1SGNzejB1MEFvRkJPbkpSTjU4QjNjZ35B&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGO...

170 B
188 B

156ms
61ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUE5qUFhkRTJ1SGNzejB1MEFvRkJPbkpSTjU4QjNjZ35B&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGOnZi_l3YzSP0TtreMmrZ7aHey6yltZ3hdZIVb8GLsfCdcMP_

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUE5qUFhkRTJ1SGNzejB1MEFvRkJPbkpSTjU4QjNjZ35B&google_push=ASkJ3FYkrVQkuZ7PtbFjb47QBmUB7qQdap7jQHfSaQUoOE4rzqPXO9fGOnZi_l3YzSP0TtreMmrZ7aHey6yltZ3hdZIVb8GLsfCdcMP_
date: Wed, 14 Dec 2022 01:58:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame B1F7
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAY9UGPRzdFdk27t3qql080&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3Fbt7TJfz5QdK8AlgSXYh7exgYABUP7SZ6PTivrb-nDVahL2a_hQh48_VcZacZwABZ-fL0SGI1lLjlkNC6fRe7B7SYNdS1Ln478
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

75ms
74ms

Image
image/gif

23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 14 Dec 2022 01:58:37 GMT
pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1F7
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENnbE2Qag...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENn...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8fbfa217-aa8b-4b69-8999-430ab8b3bd9f&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

91ms
61ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8fbfa217-aa8b-4b69-8999-430ab8b3bd9f&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8fbfa217-aa8b-4b69-8999-430ab8b3bd9f&%%GOOGLE_PUSH_PAIR%%
date: Wed, 14 Dec 2022 01:58:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B1F7 0
232 B 186ms
55ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDeJNscmY1df56QImZSmh7Q909uy-XiuDVrl4su9t7xBKa6Ap5B7p_yQUoqSsg8ZcvZ1Emjv-s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 24EC 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5ktzAACotIH_Z8MAAh7_pHQHZ5ye5ZX917Czg&u=%7CO3eKcsXq6c7Vb9lb%2FyE7gF82WWt%2FyYLdQMfMnDJ7ZpE%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6vIwM_SX-y2rV8ZNHY5Wggvq8iL2aFnq5ENZXndqcpfP9SQJR5_Ox7hjauID21byvoTRPfQjY1OwwLj9v431qMI8YtdhcGXjVSu6LN4_piuct54w-nh80_S1mnmTFWU2LB5w2xv8VJdDTw9o38der5EBWe9kaaUqqrpR7JybvFKUr-z55i57Rb0X9DhWobc_HnxpzAB-vk1zJOzo_KIfoEDnsIlUOAr8lugVsev9EL5-fU1t3OaRFXe86TaBe4t0VJt998_LpwWNEHe8MWc-lxRUZFiOjaPXNC_ncQw-zFe5KInZYBOgC2xbk1iofsUURJM_EN2UsxsQEEdAUtstXOZDx8rVt3rvlfOdyJcPvw2xAPvfzjZxo3G723fZI0PQMoLJC0pTktpOGz5zwOFlvKJgDeiIKlWBswaCN4J3jMGu0B0S086tnf2L0vMM0WAVldYyUMw_SAuIG8xVOuAlQmtXnX56Cv-cbPCv8jMntakW8Fh5f5mYK-FTh6WyMtJ7BOGL2iCb9glYCafzmAXaj5ZRnuXhXQtz2UFYGngytDLzP4_iZtQd0vsRYT678j0ZOKZi74F5DufIARQuSTP-emilqqhWnFMHk6naCvkkYIohI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj7xhzC2ZY9LFCoy-9u8P_vehuAbkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEqQFP0Dkp-ipgSCslVhFDMxuWk0nUslNxltEzr6sTLqJDNxwlj3WDnYxe0XH2Up35OXKcQIFWLW4KBsRiRVQus-sJncg_5h8JPdCn6o7o6nweWz6hXuIu1F69bn8O4KWcxFwJMvs_s80CDDLcD9liwkwfSejGsKwlAyADzFSR7CvJoSNz1i27ljTPTxhfTVkmcQFH2QaPy5hWWdz0m6pg5XTUHG9H2c1Co9eAgAbPqPnGgMbV7fIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34uF1gihmcevPJGjKjzVeFcOwIVQ%26client%3Dca-pub-2843374221922515%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 24EC 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 24EC 308 B
636 B 41ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 09 Dec 2023 01:58:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 24EC 293 B
621 B 41ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 24EC 43 B
347 B 46ms
46ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GPYZkMJKE2VzB_Z_38hu_IY21aXQjsG4hQKgZCfmthN4zlVQS2waNkKFcYY-PfugtDQBdViWHnOB4PfmKr6dghjZQYltQf97hZCdi8jVbA_rOtiLzK5b85Kj6WLeFrVoZorWnQZm_MYt_HTp2BX7sO_tsmy5doN4aNzfCGiFkcIarjo6y1OP9T-N3NR1ngweh2rqUhBHMzH2d1C40MTc2Klo6xCo0hpsSkNcmlf4cJak9lSSkxBjZN8SALb1iWHlcYLHjhV7EvkX5nty3t1qtcTNS5FvRzD0o5qeTu7GWDls4fr8ApgvQeq7MzHwEmUZtaYatVHWlRIM9BlEoSBJN9K6vpsY3F_yPfh_0MIUoXmZOmG5sMZ5iertIuCVx0ExEQX5aLIQkRi8l6Rcetw5gnuObCIelvk_3uxko_uUJIJtG8Yy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3859269
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 24EC 2 KB
803 B 53ms
53ms Stylesheet
text/css 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 24EC 2 KB
803 B 40ms
40ms Stylesheet
text/css 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 24EC 12 KB
6 KB 43ms
42ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 24EC 0
127 B 42ms
41ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=UUNJ_lUhXcO1gekKi6y6MT7wTkZZGfFRcBHTG79k33zCd3yzqPUfV9S5QGpV-Yo-OhblUw79Uzc5PuB3T75I2ZCsJwy9lONeuMKfSPLMXnlUYFBtW_zsyaaDp25fIgN4Vuqd4FbJWv9TJWcC_wdEux6lypD5WRr29c03k1tO8MPhgCOatXakruf0Ugf29vUJuIiqCWYkYu-4mMKn6RDUQXR7ZWomPum3_T0nVBg99yUCEocCzExAn2REdJI9oNconZQrOA&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 01:58:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 24EC 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 24EC 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9FE3 0
104 B 195ms
77ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELBfhTv0VSXWzV9rIImQQ7s&google_cver=1&google_push=ASkJ3FbI0-5FYQ1hRgXkZgX7d1EAib8JITx_1xqj7a03rBYK7KX6Q1eOmy6bTDDVSNbdC4p0Mr_4pkue_FJYg4lzggAPBxqyyLXqQWah
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPc_1yUEtZ40nfGYGxKsZw0&google_cver=1&google_push=ASkJ3Fa5WD9FgKj0LFY_D5EIAK017ppFklERxfHyQMd09qapQxiGRtO3kPHwwR7g8NjLACjRBhLKFwbJik4...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fa5WD9FgKj0LFY_D5EIAK017ppFklERxfHyQMd09qapQxiGRtO3kPHwwR7g8NjLACjRBhLKFwbJik4FE9qrqNVz4mWHi5xG-5w&google_hm=0mQYL7-2QoulAsB_J...

170 B
188 B

156ms
62ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fa5WD9FgKj0LFY_D5EIAK017ppFklERxfHyQMd09qapQxiGRtO3kPHwwR7g8NjLACjRBhLKFwbJik4FE9qrqNVz4mWHi5xG-5w&google_hm=0mQYL7-2QoulAsB_J2Rdvmk

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fa5WD9FgKj0LFY_D5EIAK017ppFklERxfHyQMd09qapQxiGRtO3kPHwwR7g8NjLACjRBhLKFwbJik4FE9qrqNVz4mWHi5xG-5w&google_hm=0mQYL7-2QoulAsB_J2Rdvmk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAIOTEcEemd6bBRhBP_6uhQ&google_cver=1&google_push=ASkJ3Fbo-A2anHulBkQzWKSkR0B-KO_SFBc6QVrnv-E6ob48mHkrWQCcO7hsum8v_HN46gaPCKTvmYrPB7aBbS...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxNzgzOTY4NzY2MTcxNw%3D%3D&google_push=ASkJ3Fbo-A2anHulBkQzWKSkR0B-KO_SFBc6QVrnv-E6ob48mHkrWQCcO7hsum8v_HN46gaPCKTvmYrPB7aBbSHOIw...

170 B
188 B

92ms
60ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxNzgzOTY4NzY2MTcxNw%3D%3D&google_push=ASkJ3Fbo-A2anHulBkQzWKSkR0B-KO_SFBc6QVrnv-E6ob48mHkrWQCcO7hsum8v_HN46gaPCKTvmYrPB7aBbSHOIwemp0PAojQ69mov

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxNzgzOTY4NzY2MTcxNw%3D%3D&google_push=ASkJ3Fbo-A2anHulBkQzWKSkR0B-KO_SFBc6QVrnv-E6ob48mHkrWQCcO7hsum8v_HN46gaPCKTvmYrPB7aBbSHOIwemp0PAojQ69mov
Date: Wed, 14 Dec 2022 01:58:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE3
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAKlM-WDQ3zZwxeYAuECBOE&google_cver=1&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrKlh...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAKlM-WDQ3zZwxeYAuECBOE&google_cver=1&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrK...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrKlhX2SatLNnX

170 B
188 B

59ms
59ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrKlhX2SatLNnX

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaAIeIwMJ-B0YSBSkt6EkYf1pWl9KnL1u8wFc40cice49AYwDV9_xgGGFepricPismif-6O9Dci4UoNp4od_XKrKlhX2SatLNnX
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIVyjP4LeWaLXrzvO5_ZgRY&google_cver=1&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BRpuq6H...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIVyjP4LeWaLXrzvO5_ZgRY&google_cver=1&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc1MzAyNzgxMDc3OTUyMTQ1Mw&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BRpuq...

170 B
188 B

58ms
58ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc1MzAyNzgxMDc3OTUyMTQ1Mw&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BRpuq6HDcPuS_7cVLZXmjgBrjhrP0n5

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc1MzAyNzgxMDc3OTUyMTQ1Mw&google_push=ASkJ3FYjlbt7EIazOECuV_j2XjLMJIjFtbGUzFF_aWoOEWejI_3jUKMi9DNqS029-Gc7XeIW6BRpuq6HDcPuS_7cVLZXmjgBrjhrP0n5
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9FE3 43 B
351 B 119ms
40ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEpYCA8yEGHDSqSWSHtPOAA&google_cver=1&google_push=ASkJ3FYEirLek8VBbx0kyp0dca_onhSCZRSlHH4vSCX470BzixDRFkkW5AxXSvBwHLxuB0kq6BaXcPq9iRfrO0mdey7a8uQ3H_loNiIU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: s6gmpkr3r4jcv1qs2bj19mdh8ejqaf2u

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FE3
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB2xpv--CVOwMjignPuVrNM&google_cver=1&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8jEPNIrCxtI2ffMi&google_hm=Fz-2sGZHIz7JDUi1RF...

170 B
188 B

154ms
60ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8jEPNIrCxtI2ffMi&google_hm=Fz-2sGZHIz7JDUi1RF6puER8

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 14 Dec 2022 01:58:37 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb53cPdPFdCzmnvdSfuk3RPIIqN1mQiFQAHSvNU66LJbJPQcQxO4KtEZF75n5SLdSdmkoyxl7qbzmnf9Ziv8jEPNIrCxtI2ffMi&google_hm=Fz-2sGZHIz7JDUi1RF6puER8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9FE3 0
40 B 77ms
55ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LxPm_nNAEMgTv7ROckhbFsDvxYnfkoTM4qR0MZv4f606O-IvYCH1sKqhWHstgWBBKbOJhh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 83AB 43 B
356 B 131ms
45ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIpaj6iufMZGGFJhEZHnmtg&google_push=ASkJ3FY0dFDxYQu-Tzo8JLl8dgJwx8ec-WkE63gEaVtTrqDB6hCDTbM3x7pOsErLC7gFW7LHTsZWhJtK3Y2yN0zOpEomRX0y2ncRo3ON&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83AB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMzb29Dcju85-bDZYKIrNkY&google_cver=1&google_push=ASkJ3Fa7VBXue8z0rdAOsmOSMeV9Gjg-KtdzcO6XKLfAwGOt3D0JpCYJahz768-sJx47iHwudW8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOMDdEMlktMUotQVgwMQ==&google_push=ASkJ3Fa7VBXue8z0rdAOsmOSMeV9Gjg-KtdzcO6XKLfAwGOt3D0JpCYJahz768-sJx47iHwudW8kObfZ0f4B9ZDrLn-FhB5wkBiODw7W

170 B
188 B

62ms
57ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOMDdEMlktMUotQVgwMQ==&google_push=ASkJ3Fa7VBXue8z0rdAOsmOSMeV9Gjg-KtdzcO6XKLfAwGOt3D0JpCYJahz768-sJx47iHwudW8kObfZ0f4B9ZDrLn-FhB5wkBiODw7W

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOMDdEMlktMUotQVgwMQ==&google_push=ASkJ3Fa7VBXue8z0rdAOsmOSMeV9Gjg-KtdzcO6XKLfAwGOt3D0JpCYJahz768-sJx47iHwudW8kObfZ0f4B9ZDrLn-FhB5wkBiODw7W
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83AB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzd3zDx0qPD32a8FsvAAAAsIAAAIB&google_nid=index&google_push=ASkJ3FaGI45Het155QCzoycgvOhhvL57yex8A...

170 B
188 B

145ms
62ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzd3zDx0qPD32a8FsvAAAAsIAAAIB&google_nid=index&google_push=ASkJ3FaGI45Het155QCzoycgvOhhvL57yex8AQQTKAfgwBa0vUOqOjGg7AkqjFXPtMd8KYYs7UHXQgBOVcBT9mlodu6fbZM5O224mzg

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAL%2B1yLrqf8N2JSIeqOyMqNreH9pgrtHHOnqai1ld3vx56AVhD4HKx%2F8KL%2FL7v42jNjIuOhFH0waK9ZrJmwgf4c%2BFWnIUTgdyJTGSMMhYM8OdLsY0UEogU%2BEetrFZyua1jaNZbT0zFuN0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDS_9L6FNXv4UFhgAxYDYDE&google_hm=Y5ktzd3zDx0qPD32a8FsvAAAAsIAAAIB&google_nid=index&google_push=ASkJ3FaGI45Het155QCzoycgvOhhvL57yex8AQQTKAfgwBa0vUOqOjGg7AkqjFXPtMd8KYYs7UHXQgBOVcBT9mlodu6fbZM5O224mzg
cache-control: no-cache
cf-ray: 779355e209513601-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83AB
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m&redir=https%3A%2F%2Fcm.g.d...
https://sync.targeting.unrulymedia.com/csync/RX-a437fc6c-07f7-4025-878a-1096c8bbb50b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FbzQZF0rXtvVPOP7i4MQ...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m&google_hm=A6Q3_GwH90Alh4oQlsi7tQs

170 B
188 B

59ms
58ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m&google_hm=A6Q3_GwH90Alh4oQlsi7tQs

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbzQZF0rXtvVPOP7i4MQd_8UMz7oa7SOF1CqbEz_fbq0ZdysZ7zjhU8mdJI644xNVoNQ6ahg0A1M5nXBEjb17SkV9Dnnb7wxR5m&google_hm=A6Q3_GwH90Alh4oQlsi7tQs
date: Wed, 14 Dec 2022 01:58:37 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXa437fc6c07f74025878a1096c8bbb50b003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83AB
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOGHw-gInyvMj1XN9FImcEE&google_cver=1&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZRpLKdPUSmjrepAkTWnzGfFIYfTR5LhhNHJoiyEn8jc...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZRpLKdPUSmjrepAkTWnzGfFIYfTR5LhhNHJoiyEn8jcI...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2OTI2NDc4NDcxNjUzMDU2NTAwOQ%3D%3D&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZ...

170 B
188 B

58ms
58ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2OTI2NDc4NDcxNjUzMDU2NTAwOQ%3D%3D&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZRpLKdPUSmjrepAkTWnzGfFIYfTR5LhhNHJoiyEn8jcI6tAj2

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2OTI2NDc4NDcxNjUzMDU2NTAwOQ%3D%3D&google_push=ASkJ3FbSVoQCgRRX9fK4ggbWkE2FwoV2k7eCdipkx4McWwRUEJIx2XwZRpLKdPUSmjrepAkTWnzGfFIYfTR5LhhNHJoiyEn8jcI6tAj2
date: Wed, 14 Dec 2022 01:58:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 83AB
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGCEXq2QZ1ht_vCQkEXvvQs&google_cver=1&google_push=ASkJ3FZcY0etnuYHfFAKgEfU_BIDhl9A8tRjX4Dpd_a4o3F9hseGTLyBricff0GTd8r1pe0CDLKfsnH9zSv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZcY0etnuYHfFAKgEfU_BIDhl9A8tRjX4Dpd_a4o3F9hseGTLyBricff0GTd8r1pe0CDLKfsnH9zSvYYvs5WgCt3l2fMf9JIirFjg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

56ms
50ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 83AB
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAY9UGPRzdFdk27t3qql080&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FbYWQLaT3BZV3DdxCY3UEnAMmU6NbiO7ar9Alh8b8Z8YeQjgJmkkk4uOWW--Ph5GCdUG81bnh55k7plwmw4zo5H3-kzmGrX4hOVoA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

74ms
73ms

Image
image/gif

23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 14 Dec 2022 01:58:37 GMT
pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 83AB 0
49 B 73ms
56ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNe3nwS9SiiWRaH6tTussMLfRAx4VFxIg6G4H2_i5tRxFDYW-1QJC03jlnv4OLCd9BDZbEDSg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 87ms
86ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2119683902805873&bg=!HR6lHlrNAAYgquz3AKo7ACkAdvg8Wq7oX9fH0QJl4fF-ZJ4hYqOjQCc7Bnhg-4yqmImlWMzy0IPbdAIAAABjUgAAAAJoAQcKAKtdvXYlACJaLvukiqlsRMYHnFREGt7NmYiAsD50GS1fVLgUQe_y2F0q1x1Rst5M40Dh4Ar4mZEvza4u7slDB8k84oXtKFuryO7mtheoiHTSQVpixeV4tuVxZ3Q8AxsDScdDzfM5Suv73t1CwpinIyOb1UKtZBWB5QiXtKZDYeG0LAtG28gNm-RZkSUpSyJDRwDID2czgTB0Zh2LCIKyC9tXhCRWytcamUVB3g2ZAqSewVCB2jFdjtlO4PZ-Duczh-NzrYTz3vWz6Sxk9U5la0XPJODWwX5SeqUSZzwOlm6_HkR8A3gh3r4GhXa8TgTiE-AMlxMlaxOFoQRl8LRJDldgtnGNwxoiP87GHycJVpGlXsuBaCu6kn4e7AcFCJL7L7UxFIHqoDkyHR2pWCHhDhmpAiRmU7ktEs9wNu0FYMyJpNjX0VpAZcVwDF1ujI4cL_Eu0OE3JlqpZYsiwpv84AN1J88RSKm_qzMUe-4aKO-7t90r1ARZBA_s4dmp6ZcrZgi5RZ0J_Jr0I4QgMbTX16JTR6MLFom7LobyvzxgQVsNeggALUSBfUnc46CKMt4jm_1KgXnQP4NH6afCmbN8wlwwF0ZOwcWxYMg3NTn_ND7ben48yujpmHKi6-T7zto2iEZ0LFtyg4W-sKgoea1IOs3u7jrzFA8EL1Rv2yMekYabQgeXcpx754bCayzAPSP7gplr4AtW2aZ_3NuEmhnkXXnIJ_q-BEwZQc3zEXaKfm6lSNEaDdquVXPbp_D35boHYQfRtP2fNeleFNC1gz2yKH4rCQ1B5s61I28IWnXoLenUelKE3CQTDArmFBgRIS9AUiMiQwXDBeheb8SU6jd3-CFRelJneplgpopjdNzX1v0BrckxNQ0GWIvqjwnBZvMR3tfbvodNEAc-fvxm2jic5WvxFH0d8tDkitO9ANxqCKKTNe82KusJEj4lO8MMfFlXabGtCx99YkpvdW69RSfYx0ZaHa3gOL6uvkdy6AAaAZz-wLgmfbH-AlYI6ZDE8lTUmWAHy8RoZl8TpdxIxG1_3wWUfY_d9brnEZOYutrwPcyTW2uaYriDLZwuIIvUvTYcWIKOa5nMmH_S2TLVLQZPL-b7cvqoXE22rlKqM_1HP_6OWvsK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 6439218981534312586
tpc.googlesyndication.com/daca_images/simgad/ Frame 29C2 9 KB
9 KB 192ms
192ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6439218981534312586?w=180&h=320

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

629549b45f513c99ad018b46ed460480ce0a2c0bf036dd3c5d7aa31eb4298edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9446
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 09:34:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Dec 2022 01:58:37 GMT

GET
DATA 200
OK truncated
/ Frame 29C2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7e1be16c219c24911ffe1fd0258f2d75d65edd29c7014c21671ed3cf5ece5ea

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BAF7 36 KB
16 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F74E 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 29C2 0
17 B 91ms
91ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctv3nzC2ZY9HFCoy-9u8P_vehuAbeueL0benEqLyeELCygOyQAhABIJmQug5gu4aAgNAKoAG3mIGiKMgBAakCukGqoKhvez6oAwHIA8sEqgS7AU_Q4dxM1qFoAOL0fml7MsKLuMLYlykkauGd3EmTB7bv7NDyYTZMHGFsd367IOUUvPV_u7VVmr_fLYVjqJwa9KQtdNbdXi-YRTHt-NXIBe5KPWcdQru9HzXTePhzJMvJ6IvqfMCo7ipzTTNWrVR_JWcg41kOMuEgTdgZKYeBOtDDqJklVZMAM1xiSNvSmJNdIGZd4jD2lIOT2Ayl0cNtIsamw3XtGHS6O1FDeOSDWBnucqw-m6xbIYDZM-vABI6ZydWUBJIFBAgEGAGSBQQIBRgEoAYCgAfsnv3JA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIa_A9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTI4NDMzNzQyMjE5MjI1MTUYAA&sigh=dGOJ2sIy53w&uach_m=[UACH]&cid=CAQSPADq26N9tQK1KWM2MztP7d-FXYMqOX-xaBMaIsIeplYiqsEUNtiaSV01_YKHrvpFpsGlUk2AnD53gSR4HRgBIBM&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 01:58:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4EBB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b758e6fb8bc41df81e7def5c27e445acbf0e1493e6ac3534f603ae535f2abb9a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 24EC 13 KB
13 KB 161ms
80ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-3230"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 24EC 12 KB
13 KB 161ms
81ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4EBB 0
17 B 91ms
91ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtQuNzC2ZY9LFCoy-9u8P_vehuAbkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yODQzMzc0MjIxOTIyNTE1yAEJqQI7aj1HmMC0PqgDAaoEpgFP0Dkp-ipgSCslVhFDMxuWk0nUslNxltEzr6sTLqJDNxwlj3WDnYxe0XH2Up35OXKcQIFWLW4KBsRiRVQus-sJncg_5h8JPdCn6o7o6nweWz6hXuIu1F69bn8O4KWcxFwJMvs_s80CDDLcD9liwkwfSejGsKwlAyADzFSR7CvJoWFx979oNMbK3OpQ1dpC7apEzQwzwbZOglJv_zbBWmr4BL7AM8jRgAbPqPnGgMbV7fIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODQzMzc0MjIxOTIyNTE1GAA&sigh=1EWV_PlGpVE&uach_m=[UACH]&cid=CAQSPADq26N9tQK1KWM2MztP7d-FXYMqOX-xaBMaIsIeplYiqsEUNtiaSV01_YKHrvpFpsGlUk2AnD53gSR4HRgBIBM&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 01:58:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4EBB 0
125 B 41ms
41ms Image
text/plain 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kvGyFMO-MLQB9AOH-lcYAgAAAJkrjW9p2x2CWt897hDLLZljHf2lkwOMK1AmqJ8AEgAA&wp=Y5ktzAACotIH_Z8MAAh7_pHQHZ5ye5ZX917Czg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 339408
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 24EC 17 KB
17 KB 42ms
42ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=100&m=0&partner=83486&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F15191%2F200729%2F69fea1dc62e44d058c8924ee41fcf747_babbel-logo.7aa2e9b55ad748e39c0b5ad7c32c1088.png&v=3&w=356&s=smDeZhWtn0wXXYJbVolmpNJS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

25d0f782bd12966739ed6b3f6246523a36904610f56b86ff9cbf6dcdd7758a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30345984
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17316
expires: Thu, 30 Nov 2023 07:25:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 24EC 31 KB
31 KB 52ms
52ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=83486&q=80&r=0&u=https%3A%2F%2Fads.babbel.com%2Fretargeting%2FImages%2Bfor%2Bretargeting%2FPhone_Flag_ENG.png&v=3&w=800&s=e2iy4iktkgGGn1UNgloRlZGi&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8168b53a1009aa0ad981c201e526f9c6c11ed6ad17988e04b6da331d41b784e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31858
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 24EC 31 KB
31 KB 42ms
41ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8168b53a1009aa0ad981c201e526f9c6c11ed6ad17988e04b6da331d41b784e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31858
expires: Sat, 09 Dec 2023 01:58:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 24EC 17 KB
17 KB 48ms
48ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

25d0f782bd12966739ed6b3f6246523a36904610f56b86ff9cbf6dcdd7758a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:58:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30345984
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17316
expires: Thu, 30 Nov 2023 07:25:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 29C2 42 B
64 B 92ms
91ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOhiRnyNJyOp1a4J1lS5ZwhZCHLY61qCb_rJu0Wbdgzw9I_xTMOHudqkJAiuyvjEXHGzSPJt_kCCn_I5DzMNzgPW06xmysAr4iImql4qjSMKN3eWquiI8lOmSHCONI8uhV5qI-0Q&sai=AMfl-YRYisWzLeRHTrtV_tLE4ZhtdJ-plKxtI8hcr6RRPTflxd4PR6eBI8hXTb1v6bqTXLw7wZjbQgSuvvtbYUU3K6acNmULMom4OlT3aknlW-SStBsXFDEneq04bbNZkX0&sig=Cg0ArKJSzM9F92jlQXK-EAE&cid=CAQSPADq26N9tQK1KWM2MztP7d-FXYMqOX-xaBMaIsIeplYiqsEUNtiaSV01_YKHrvpFpsGlUk2AnD53gSR4HRgBIBM&id=lidar2&mcvt=1000&p=-90,0,410,180&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1670983116738&rpt=339&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C04D 42 B
64 B 92ms
91ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuf6RXUocRrVOPMOl9qDvDkhBhW7ihzgcKU_jQfi_4A3ySAC-ifuYApM8Co2xviXIiPB-nTiZuW-BUaawzGoqkNcPPrMOhFPIO1qStvur-cB-0YrnBa6osUSZO51SXOp_mRnHUMOA&sai=AMfl-YRKFMZI9iAFrjjFCC44Z0_0dW9GURYmO-BNV8a4q69nOgGr7kLEetGP9BOO7_l1svGh-lfUodohC3T1894S6OvkZaJixUuot6_-Y9yqx8xSt-mCg3RHtNNZfqnQHz4&sig=Cg0ArKJSzCbY3kaLQP9KEAE&cid=CAQSPADq26N9tQK1KWM2MztP7d-FXYMqOX-xaBMaIsIeplYiqsEUNtiaSV01_YKHrvpFpsGlUk2AnD53gSR4HRgBIBM&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=85,769,1001,1021,1021&tos=85,684,232,20,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1670983116725&rpt=344&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 24EC 0
127 B 42ms
41ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 01:58:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EBB 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoR34UfJmRagDs_YH2OiJZ2s9WlEaS37MNGm-TrbnzUmbIX_VQ2gAeT509XVJj5da6s2CiXdADxUgckGvVgDz83Av0&sig=Cg0ArKJSzOO8ONriBVruEAE&cid=CAASF-RoqPNqgsUhx0NZpZIWPXuu4Rbne6v6&id=lidar2&mcvt=1003&p=0,0,500,180&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1670983116740&rpt=286&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

289 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sum.in.ua/	1970-01-20 08:09:46	Name: kohana Value: hj6qful9iaio62cb89kf0hda71
sum.in.ua/	1969-12-31 23:59:59	Name: b Value: b
.i.ua/	1970-01-20 08:09:44	Name: __cf_bm Value: CzoPFP71nMCZHXZ4lHCyqwc8uWKxrPeVvLXBWO6R3aQ-1670983114-0-AeZ/lDKmlMaWg8W6mXIO2LiXi8RHcmWFka/25Kjv3dL1aG4nFuXJYa5J38Dg5PjayyHkTNpPJuwXm2Nwd7wwwo8=
.yadro.ru/	1970-01-20 16:55:01	Name: FTID Value: 1ZcItA2ErpeS1ZcItA001C6h
.yadro.ru/	1970-01-20 16:55:01	Name: VID Value: 3NoZRe3B37OS1ZcItA001C77
.sum.in.ua/	1970-01-20 17:31:19	Name: __gads Value: ID=96fc1b157da0a4dc-2275edc40ed900a4:T=1670983115:RT=1670983115:S=ALNI_MbreJr5WrrQ9GsNXS-WIdyiPkaKsA
.sum.in.ua/	1970-01-20 17:31:19	Name: __gpi Value: UID=00000b925ee29a62:T=1670983115:RT=1670983115:S=ALNI_MbgUAirRCgTRXDO2ksGcvR33dMmmw
.doubleclick.net/	1970-01-20 17:31:19	Name: IDE Value: AHWqTUmVJW43P9a_IpuQA8eA-Wk_t3TwaZe2d8ncHf6hzRW1oSDGJTRbv_XENIlaHhU
.casalemedia.com/	1970-01-20 10:19:19	Name: CMPS Value: 706
.bidswitch.net/	1970-01-20 16:55:19	Name: c Value: 1670983117
.bidswitch.net/	1970-01-20 16:55:19	Name: tuuid_lu Value: 1670983117
.bidswitch.net/	1970-01-20 16:55:19	Name: tuuid Value: 8fbfa217-aa8b-4b69-8999-430ab8b3bd9f
.analytics.yahoo.com/	1970-01-20 16:55:19	Name: IDSYNC Value: 18yx~28u1
.yahoo.com/	1970-01-20 16:55:40	Name: A3 Value: d=AQABBM0tmWMCECyO7kbXymV3sjApEzC-CEQFEgEBAQF_mmOjYwAAAAAA_eMAAA&S=AQAAAtq00-R1Axbv3H7UIfgc0_M
.ctnsnet.com/	1970-01-20 16:55:19	Name: cid_d264182fbfb6428ba502c07f27645dbe Value: 1
.ctnsnet.com/	1970-01-20 16:55:19	Name: gid_CAESEPc_1yUEtZ40nfGYGxKsZw0 Value: 1
.lijit.com/	1970-01-20 16:55:19	Name: ljt_reader Value: Fz-2sGZHIz7JDUi1RF6puER8
.casalemedia.com/	1970-01-20 16:55:19	Name: CMID Value: Y5ktzWZbA3aZom-mU27aJQAA
.casalemedia.com/	1970-01-20 10:19:19	Name: CMTS Value: 4357
.casalemedia.com/	1970-01-20 10:19:19	Name: CMPRO Value: 711
.adfarm1.adition.com/	1970-01-20 10:19:19	Name: UserID1 Value: 7176817839687661717
.3lift.com/	1970-01-20 10:19:19	Name: tluid Value: 3869264784716530565009
.bidswitch.net/	1970-01-20 08:09:43	Name: google_push Value: ASkJ3Fami_C6MBH6u6wcRfMKfzrglkSiSANuhp9ASExWd-J5Q7pTuTNFN8yuHzJi7WkQIsLqC0x_p4_KBd6ss7earILfSp7i1tI2OQ
.1rx.io/	1970-01-20 16:55:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a437fc6c-07f7-4025-878a-1096c8bbb50b-003%22%7D
.de17a.com/	1970-01-20 16:48:07	Name: guid Value: 1.3263778101173812644
.adform.net/	1970-01-20 08:53:41	Name: C Value: 1
.adform.net/	1970-01-20 09:36:07	Name: uid Value: 4753027810779521453
.targeting.unrulymedia.com/	1970-01-20 16:55:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a437fc6c-07f7-4025-878a-1096c8bbb50b-003%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://sum.in.ua/(Line 124) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.9469801407807201&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://sum.in.ua/(Line 124) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.9469801407807201&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1670983114&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1670983114529&bpp=21&bdt=465&idt=346&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&abxe=1&correlator=2995779715239&frm=20&pv=2&ga_vid=1508346062.1670983115&ga_sid=1670983115&ga_hid=401274080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=2119683902805873&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Si2S1fKRCN&p=http%3A//sum.in.ua&dtd=369 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
c.hit.ua
c1.adform.net
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i.i.ua
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r.i.ua
rtb.nl.eu.criteo.com
rtb.openx.net
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
sum.in.ua
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.3.81
172.217.16.130
172.64.154.237
178.250.2.148
18.156.0.31
18.194.50.17
195.242.161.64
213.155.156.181
213.19.147.45
216.52.2.19
23.218.209.56
2606:4700::6811:180e
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::21
2a02:2638::3
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:c4b2:9469:8ead:7508
34.98.67.61
35.186.193.173
35.186.253.211
37.157.5.142
51.89.9.251
69.173.144.165
76.223.111.18
85.114.159.93
88.212.201.198
88.212.202.52
89.184.81.35
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1616427bb47a926ce6d35f767c32c4fdb57e111cdb14d0a841a20ee436871f8f
16bccc67ee3adf79edc4b3a9c0196c43a240f0c834ef41290fb6a698385464e9
18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
207de62d2630cd8e92e0e099ca1e5eeab86b28519994b3e428475874596efe62
25d0f782bd12966739ed6b3f6246523a36904610f56b86ff9cbf6dcdd7758a8f
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
282cea909585f898ee48a49cbbba6cb6b982e5d4e0945dfa0ef7e05dadcec4ef
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34ac4248db1009ac1fe7c9b219b273f9fa425c5f0f7a477945aa781eea4d6d7b
44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5dd1bfea44aef572ec70da13521e4a15e8738cea0038862a6ae6471e3ee212ab
5f0019d0fc22d6093d828cee7823f4e7780927285023ad3481fa4c65dbde3f73
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61423adde5fbb34edef8c9b622b435c58a1d12df35a9641d19b345e14c9eab1f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629549b45f513c99ad018b46ed460480ce0a2c0bf036dd3c5d7aa31eb4298edb
650d46707458b3f9cd24807dd3ff21aa229f669b9607430b41f2ab9b4619f95c
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6c928c679bf15f01e62855b4e1c6abd2b9c5afff55cc0a5158ab2ce4eb35d2a0
6f5b2f79b5809fce8bc74c1f93a01ab844abe93c6e823e51d59705ccd2532c31
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73f871b2c767ab1e0f31592410c6c44d979291584d07077223dfad4a12bfa92d
751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
79e9a60da5ab796fea19a2a0126048842d6329ca2b19ce4f0ea48297204f5e07
7aa2dd71bfb7389b0bfdbab2fbe524408aac661c23fab815112a782c8ffb5413
8168b53a1009aa0ad981c201e526f9c6c11ed6ad17988e04b6da331d41b784e7
8689099114535a45a372df8c207eab067759dd17a2632356673223a6643f7c75
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8cf95c00de62248babad1a112971905536f8c157885d89c86b0b0aae1678ff7a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
924c854dc873c62b70970dccef51816de682011324cd4e85dc6feffebf82fa7e
95cdbd06b614b5e27eea2420fcdb61645df71ba1a6323643c351e7c48ebda220
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3eab8951a1acb8c56015baad95c754bee9929c8375cfc37dcea5c8a0f00c2c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b6f4cfdce8e72f069b31dfec2e25d3a06b71eb1768d2e7e835c7ebdffa7fdf8b
b758e6fb8bc41df81e7def5c27e445acbf0e1493e6ac3534f603ae535f2abb9a
bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca
bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada
be4f7e091bd8b0d2d551992d7c2c68c8c271f1506bf724868734056183de18c9
c7e1be16c219c24911ffe1fd0258f2d75d65edd29c7014c21671ed3cf5ece5ea
cb06b9d178250196264b7ad9342d7d04a3211c698fa2da13914ccbe0bf5fd88d
ccf6e98eb0291b5df9d22a4cd5dd4a4894824fe85606c7629197f3f500cca3b4
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94fa795b7f0b5852074145df4745c69165736f78405e86c834ef93b1e952570
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

sum.in.ua Open in urlscan Pro 195.242.161.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

138 Requests

79 %HTTPS

48 %IPv6

35 Domains

45 Subdomains

30 IPs

11 Countries

1409 kBTransfer

3623 kBSize

28 Cookies

3 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sum.in.ua Open in urlscan Pro
195.242.161.64 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

79 %
HTTPS

48 %
IPv6

35
Domains

45
Subdomains

30
IPs

11
Countries

1409 kB
Transfer

3623 kB
Size

28
Cookies

138 HTTP transactions
4 data transactions