postindex.pp.ua Open in urlscan Pro
2606:4700:3034::ac43:d50b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://postindex.pp.ua/
Submission: On June 28 via automatic, source certstream-suspicious (June 28th 2021, 4:26:22 pm UTC)

Summary HTTP 116 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3034::ac43:d50b, located in United States and belongs to CLOUDFLARENET, US. The main domain is postindex.pp.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time postindex.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3034::ac43:d50b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3 9	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:e336:1261:a63c:d3a0	16509 (AMAZON-02) (AMAZON-02)
2	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:210... 2600:9000:2104:b600:c:bbc8:bbc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.30 13.224.193.30	16509 (AMAZON-02) (AMAZON-02)
1	88.99.148.145 88.99.148.145	24940 (HETZNER-AS) (HETZNER-AS)
1	136.243.12.130 136.243.12.130	24940 (HETZNER-AS) (HETZNER-AS)
10	136.243.13.143 136.243.13.143	24940 (HETZNER-AS) (HETZNER-AS)
116	30

13 2606:4700:3034::ac43:d50b (United States)

ASN13335 (CLOUDFLARENET, US)

postindex.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:e336:1261:a63c:d3a0 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s79.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:b600:c:bbc8:bbc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

de-config.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-30.fra2.r.cloudfront.net

99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.148.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h680.meetrics.de

dbg01.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.12.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h310.meetrics.de

s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 136.243.13.143 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h317.meetrics.de

b94.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	411 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	75 KB
13	pp.ua postindex.pp.ua	105 KB
11	de.com s79.research.de.com b94.s79.research.de.com	3 KB
7	google.com 1 redirects adservice.google.com www.google.com	955 B
5	2mdn.net s0.2mdn.net	66 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	gstatic.com fonts.gstatic.com	50 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	googletagservices.com www.googletagservices.com	103 KB
3	google.de adservice.google.de www.google.de	394 B
2	sensic.net 1 redirects de-config.sensic.net 99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net	785 B
2	mxcdn.net s79.mxcdn.net	113 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	759 B
2	rlcdn.com 2 redirects id.rlcdn.com	888 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	meetrics.net dbg01.meetrics.net	351 B
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	459 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	662 B
1	googletagmanager.com www.googletagmanager.com	36 KB
116	24

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	postindex.pp.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	postindex.pp.ua	postindex.pp.ua
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	b94.s79.research.de.com	googleads.g.doubleclick.net
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
5	s0.2mdn.net	postindex.pp.ua s0.2mdn.net
5	www.google.com	1 redirects postindex.pp.ua googleads.g.doubleclick.net tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	postindex.pp.ua
2	s79.mxcdn.net	s0.2mdn.net s79.mxcdn.net
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ade.googlesyndication.com
1	s79.research.de.com	s79.mxcdn.net
1	dbg01.meetrics.net	s79.mxcdn.net
1	99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net	googleads.g.doubleclick.net
1	de-config.sensic.net	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.google.de	postindex.pp.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	postindex.pp.ua
1	ajax.googleapis.com	postindex.pp.ua
1	fonts.googleapis.com	postindex.pp.ua
116	34

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.trk.sensic.net Amazon	`2021-01-10` - `2022-02-07`	a year	crt.sh
meetrics.net R3	`2021-04-09` - `2021-07-08`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://postindex.pp.ua/
Frame ID: 2A51AD71924F9FC0AD62E2F824FDA20D
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html
Frame ID: 2C5D01AEC74415ABAA6D60D68868987E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&adk=1812271804&adf=3025194257&lmt=1624897559&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpostindex.pp.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559698&bpp=3&bdt=162&idt=77&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2681430054609&frm=20&pv=2&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
Frame ID: 6FB7D083429673B532A972F852337884
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&slotname=5085332967&adk=3549918671&adf=825370839&pi=t.ma~as.5085332967&w=200&lmt=1624897559&psa=0&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559701&bpp=7&bdt=165&idt=99&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TtJZZUv0hA&p=https%3A//postindex.pp.ua&dtd=105
Frame ID: E677A74F88D2853C88F77BC719DD0D8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12
Frame ID: E6FBC181EADF5C697F6E8C7EE9A11295
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=1367808990&adf=275687582&pi=t.aa~a.3087485398~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280&prev_slotnames=5085332967&nras=3&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=suQuoXExkP&p=https%3A//postindex.pp.ua&dtd=16
Frame ID: 23E272BA4EA419D8EEF20D39B194A04A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Frame ID: 29EEE4C9C6B54B08A11D5499E4921B97
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiHjd6sATAB&v=APEucNVKUndXdILOrGZ5bEE7_aCMgrHKpwggYdro6HK_CsKotnpA1eR2KEc6Q49OwLYDpvOhyzJmUM3-iuSyXne4mRGoLfSA7GuOewGmzGjBUJPHtpxDw4rGgNCOKaZx_ncErX7WkcTjUdQajeaoDQ5r3_j4zTCtctsyuk3LMkCJwrPFPyAETWs
Frame ID: 9F45D36FAEADA3B1FDB42D2671035A6F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/get_page_signal_url_fy2019.js
Frame ID: 117A8E88CB6E59C7C206B09CD5CCB09D
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9B7CF60939AB36E993A66DF0A5E3359
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4091D480DC5772E9482957FEBCD2A011
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html
Frame ID: AC88B6053EC6F67456284807E1F4253B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Frame ID: 9632218727AA455F398319C60E7184F1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0C2C62DA5DDD04A42530997FC0D22716
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BFFC2A7A66C0FE7F9B0E4741D9896868
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5386458C66C1CDD8289302C8CDCEEDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

116
Requests

97 %
HTTPS

59 %
IPv6

24
Domains

34
Subdomains

30
IPs

4
Countries

1020 kB
Transfer

2353 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDFOztyTtQ61gKN-rCCYA5c&google_cver=1

Request Chain 48

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNn4GEiurj-dHegRYvtgNgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVKU6W99NYbeH0VkFuRezg&google_cver=1

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPe44PKONF6R5jypDIlwQwk&google_cver=1

Request Chain 50

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzkwNzk0NjYzMzk2ODg5

Request Chain 59

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIvWceYmdgwz7vvfuFzUEfoylNq5ozxnQDtL-pB75XwCzRz64fFicnOlyRYr7xsJwCgXKKCeaBzKvxosZh6VaaTkR84_WErzA&google_gid=CAESENFcc9KtQ5ySw-XJLU4tuJo&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJjw54YGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBJdldjZVltZGd3ejd2dmZ1RnpVRWZveWxOcTVvenhuUUR0TC1wQjc1WHdDelJ6NjRmRmljbk9seVJZcjd4c0p3Q2dYS0tDZWFCekt2eG9zWmg2VmFhVGtSODRfV0VyekE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa2o1TjR3a0pPdlZzdjdmaHV6SkJXQjNwX09YalkzeHltWnl6N0h3c3Vfbw==&google_push

Request Chain 60

https://rtb.openx.net/sync/dds?google_gid=CAESEE6aaU1N8tUdjq50ZZu-B2c&google_cver=1&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEE6aaU1N8tUdjq50ZZu-B2c&google_cver=1&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc&google_hm=BI2UdizszLEMD-uCeJr92Q==

Request Chain 61

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjbXOiq8oTuCSwuNSVRfyo&google_cver=1&google_push=AYg5qPL17kCs4JYmiIXo4rWzYM2W6Y1KGzcg2rvFB13BBYqm52-lh3Hj3G-Spk_Wep1Pl9SW_4Ttkh8VcYKysOgTVCG8ztSuJ0xm1w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjbXOiq8oTuCSwuNSVRfyo&google_cver=1&google_push=AYg5qPL17kCs4JYmiIXo4rWzYM2W6Y1KGzcg2rvFB13BBYqm52-lh3Hj3G-Spk_Wep1Pl9SW_4Ttkh8VcYKysOgTVCG8ztSuJ0xm1w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nwTFlKYfQuCU3sREHb0XLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL17kCs4JYmiIXo4rWzYM2W6Y1KGzcg2rvFB13BBYqm52-lh3Hj3G-Spk_Wep1Pl9SW_4Ttkh8VcYKysOgTVCG8ztSuJ0xm1w

Request Chain 62

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJf_7g-J3-LrMbKygMKA2A&google_cver=1&google_push=AYg5qPKWXjIvE7FWwIo7Cb9xk6Eb9uXYdb01f7-Wm0Iq_fR9bsIzVqbMU2-9DPZD2zN9JS16IaUCqtCmatjU-RzfuOYaOMx8D3HO2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FHVTFYVEQtMS1LU0lK&google_push=AYg5qPKWXjIvE7FWwIo7Cb9xk6Eb9uXYdb01f7-Wm0Iq_fR9bsIzVqbMU2-9DPZD2zN9JS16IaUCqtCmatjU-RzfuOYaOMx8D3HO2w

Request Chain 63

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690&google_cver=1&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690

Request Chain 69

https://de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_3301&c=26016321_305668312_152272367_498407340&cp_c1=26016321&cp_c2=&cp_c3=498407340&cp_c4=305668312&cp_c5=&cp_c6=152272367&cp_c7=&pr=3045243418&gdpr=&gdpr_consent= HTTP 302
https://99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
postindex.pp.ua/ 43 KB
8 KB 57ms
21ms Document
text/html 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postindex.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894fe0d1b9879b716cac8c7de4bf144e55df39a6f1c08788020ccec6585ed852

Request headers

:method: GET
:authority: postindex.pp.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=14400, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: HIT
age: 900142
cf-request-id: 0af50a33db00004a6830ae6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Xx95V%2BN0yWtZ5RGfODtNpfe3xgumP2r4W%2FI5ZU%2FpaNVch5lFZyy1%2FGmkchPGthbjieA7P3RVmzJ6%2B0MFOxyPw7RQN2BEst43Dl3J3tvnFcsrpyfjJ4Fq86WiQkYSYqplO%2BIfMBCEYUwt"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66684632ff514a68-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
878 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700italic,400,300,700

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa7f8eecf2446bf9cfffe2277b3a981a6894eaffec9454bc8f8cb2f1194dbb4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:17:31 GMT
server: ESF
date: Mon, 28 Jun 2021 16:25:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Jun 2021 16:25:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 14:49:03 GMT

GET
H3-29 200 skel.min.js Show response
postindex.pp.ua/js/ 20 KB
7 KB 44ms
25ms Script
application/javascript 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postindex.pp.ua/js/skel.min.js
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cad3b4a7e397764b1041b1daf63c76d4743f6841b90cb055ddb486b154b1c9

Request headers

:path: /js/skel.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af50a340a0000975487336000000001
last-modified: Tue, 03 Apr 2018 13:23:41 GMT
server: cloudflare
etag: W/"5ac3805d-4e93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xBXaz49Q3vnKUzr7e03XvmxJrsJ9WajOfTZQ%2BuZP9usO0dG4V5efvMnUsGmsCad6FPJbmmDROEunVqTmrzhhHXlAovl6Y0e0NWYzw1hdznULPHygvrDZPGlJxuxFX8QY%2FEwU0FlYQic%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666846334ff99754-FRA

GET
H3-29 200 skel-panels.min.js Show response
postindex.pp.ua/js/ 13 KB
5 KB 44ms
26ms Script
application/javascript 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postindex.pp.ua/js/skel-panels.min.js
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1dc09052ae13658cd0b429ccfdc24b5329e7432dbac24dd780627aa7ef5bc0b

Request headers

:path: /js/skel-panels.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af50a3409000097546fa49000000001
last-modified: Tue, 03 Apr 2018 13:23:41 GMT
server: cloudflare
etag: W/"5ac3805d-355a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GfAAHFoiV%2BuqNubGfreQZAOfF11VnhW6fNGQYVUNm8Tf76lz0nnWswzJ5mc5BYLX1jx41vwiKse%2FUPc77jesykS23T9tRaCdWLIZejUnavZsjv6iGyYYww1dzrgd2XAYI8m5%2FEToOyhF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666846334ff79754-FRA

GET
H3-29 200 init.js Show response
postindex.pp.ua/js/ 1 KB
1 KB 43ms
25ms Script
application/javascript 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postindex.pp.ua/js/init.js
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf3d1d9f515506f4c715f9273efb36338e9a80978011b412063699b336fc8d0

Request headers

:path: /js/init.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af50a340a000097547b9e9000000001
last-modified: Mon, 26 Nov 2018 08:37:38 GMT
server: cloudflare
etag: W/"5bfbb0d2-430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JHBa5MtI8Zi8bDfY7QGq3C25kL0sMsGQw5n1rbf%2Fz7N%2FuL6H0s1taowQ7Wbts448bqPhz5L25LEjd7pP%2Bfbi%2BNSlwGPJ1tTkfSDWVeZQhbk7gJEPxp%2BU5DbRcB5kNsV0EqPy0kEmiCQL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666846334ff89754-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109891918-2

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b066a52e48447870d0de128069bc1a5dcb8d145374240151c906c2b6fa82edac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36349
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Jun 2021 16:25:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6e90479892ee907be90ba25e52f35ef671a95ab4b15199126b5a886c732330b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49127
x-xss-protection: 0
server: cafe
etag: 5368369444575527153
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 16:25:59 GMT

GET
H3-29 200 style.css
postindex.pp.ua/css/ 28 KB
6 KB 23ms
22ms Stylesheet
text/css 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postindex.pp.ua/css/style.css
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/js/skel.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6861bebdee82054b05f5dba23174d623a42354bd85c8209897649f45e8bedb90

Request headers

:path: /css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af50a342d000097547323c000000001
last-modified: Tue, 03 Apr 2018 13:23:40 GMT
server: cloudflare
etag: W/"5ac3805c-6edc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uxjlsynD281nMqWOpZHY7sxSIBfSnkCqVG%2FTgur3%2FRyWNzTSJqj5L%2FUuifI7J50mPLwmLZhGbfFEeo%2BUV4b9VprDawEM4cOrJBHXK0QfzTk94SwRNIpjMkZ%2FDwgovEF%2BwzpU1TvQe2SQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6668463378109754-FRA

GET
H3-29 200 style-desktop.css
postindex.pp.ua/css/ 2 KB
873 B 20ms
19ms Stylesheet
text/css 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postindex.pp.ua/css/style-desktop.css
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/js/skel.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d94f57ca12c6b11d3a5b925af53744199531d88805812b6c2ae023e984e159d

Request headers

:path: /css/style-desktop.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903822
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af50a342e000097546d318000000001
last-modified: Tue, 03 Apr 2018 13:23:40 GMT
server: cloudflare
etag: W/"5ac3805c-73e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iKHJ944YP6xIlICntowOkF91ByONm2p7Bt72PBWr4yXsSa5R3H%2FL0yP8qXbQ40LnioPUrUYU6QldGGhWral9hjALmdmctYZcPatglYIyG4gs10p5FahDN%2BwsGdsFZeGvZNi972E8Nb3Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6668463378129754-FRA

GET
H3-29 200 postindex.js Show response
postindex.pp.ua/ 69 KB
23 KB 25ms
24ms Script
application/javascript 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postindex.pp.ua/postindex.js
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742

Request headers

:path: /postindex.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af50a342e000097547f1b8000000001
last-modified: Fri, 11 Sep 2020 21:13:40 GMT
server: cloudflare
etag: W/"5f5be884-1131c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JFJmZGRv3G2vIrP%2Fn8rpp3ru9UCZScD4ogRcj5f7vxkMw%2BNV1IZi3Hlq%2BjHoVyP2ygz5UQfUi166IyoTzXJ4Yxf7zuAsq90r5jdFlZX3OdzOu92KZffZOY5XYL%2FEkj8w%2FLxMWUgjWxyd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6668463378139754-FRA

GET
H3-29 200 img01.jpg
postindex.pp.ua/css/images/ 14 KB
14 KB 18ms
17ms Image
image/jpeg 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postindex.pp.ua/css/images/img01.jpg
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c0cbc17cd81cfd2d07cf9fee9f33cfcd0daee7fc31ec3c3aefc4efdbaa9683

Request headers

:path: /css/images/img01.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14202
cf-request-id: 0af50a3451000097547f1ba000000001
last-modified: Tue, 03 Apr 2018 13:23:40 GMT
server: cloudflare
etag: "5ac3805c-377a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2NwzXfFuwrAkwi9HOLnGGC61TRjtrgBbONXRe49TSS%2B9GjzzQgNlsjTKWXeJoqhn5Ojss1CcDlahm3BcF6YR8pZ9FZWmfVIHlQ5ZLKcWLxi%2FwGsit5HFiqPEkm4ppcmQlb1ijWtqvi2X"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66684633b8329754-FRA

GET
H3-29 200 img05.jpg
postindex.pp.ua/css/images/ 13 KB
13 KB 23ms
22ms Image
image/jpeg 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postindex.pp.ua/css/images/img05.jpg
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9211938b24251259e94d63dd35dfa577fc49032a8ea2fb3905c85616ec8203d

Request headers

:path: /css/images/img05.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903821
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13130
cf-request-id: 0af50a3455000097547f1bb000000001
last-modified: Tue, 03 Apr 2018 13:23:41 GMT
server: cloudflare
etag: "5ac3805d-334a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IrWRn7TuLx2cwBs%2BXeILLm7bzU7a%2BwScEZ4J6deaDHI%2B4hJgqcvxJM9USk%2Beqh9mmTqISsohcuv2qyA%2F8T7%2BEJVfTVKYrDe89l18S%2BzQ2egxaJHwi4G6GVobLK8JejpW3X3NoJFqhVJi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66684633b8359754-FRA

GET
H3-29 200 img03.jpg
postindex.pp.ua/css/images/ 14 KB
14 KB 22ms
21ms Image
image/jpeg 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postindex.pp.ua/css/images/img03.jpg
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8de92a05bdcf334ea96543f3f415cda4ad5944dbc5a452000157f6c971340787

Request headers

:path: /css/images/img03.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13951
cf-request-id: 0af50a3451000097545e2c2000000001
last-modified: Tue, 03 Apr 2018 13:23:40 GMT
server: cloudflare
etag: "5ac3805c-367f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yP2Mn6uMPIFd7D80XsvM2XpM3vJqcIONEv1gVNY3xtPqKas9km3ooU7Jj%2FhUT1L7Kuh%2B4dH41jQwSHi5S0t0Ed6bDmMpntmGyZCV%2BA8frkVjoMxzlPrUImfOmnPVCAk7dwispc04Zpij"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66684633b8389754-FRA

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700italic,400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26372f65a85b8f07c1aa627ae67b9171bc812fdd56a71be95a61ec26669d3105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postindex.pp.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 13:08:59 GMT
x-content-type-options: nosniff
age: 443820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9468
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 13:08:59 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700italic,400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postindex.pp.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 00:40:34 GMT
x-content-type-options: nosniff
age: 402325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15604
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 00:40:34 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700italic,400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc40519e22545b5835214128bd107a8304e66096bf086b37e326a3659bf3711e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postindex.pp.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 04:59:02 GMT
x-content-type-options: nosniff
age: 386817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 04:59:02 GMT

GET
H3-29 200 img09.jpg
postindex.pp.ua/css/images/ 5 KB
5 KB 28ms
28ms Image
image/jpeg 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postindex.pp.ua/css/images/img09.jpg
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c88ef58f814c5c0a7b95c04a269ea606a8a2fd01afb14c92f0c7d876df0c751

Request headers

:path: /css/images/img09.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4996
cf-request-id: 0af50a345300009754571d0000000001
last-modified: Tue, 03 Apr 2018 13:23:41 GMT
server: cloudflare
etag: "5ac3805d-1384"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Bzio%2BipuUqlltq0Hq3KWVaOMtAltBza%2FBAl%2BRx4sRdJOwanXo9kDc48ukouzGr6Feh7SSCcPUZof%2FJZ0Oj9RFZ7TQMOPxPitroWWLHnj379faHnAagw4NEboo2X3jRjg9bRYyDBXAPAZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66684633b83b9754-FRA

GET
H3-29 200 img10.png
postindex.pp.ua/css/images/ 6 KB
7 KB 35ms
35ms Image
image/png 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postindex.pp.ua/css/images/img10.png
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 111d1afc0194f445c068eeaaf20d846dd55846af4fd006196bf97a2378476b8b

Request headers

:path: /css/images/img10.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 903849
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6332
cf-request-id: 0af50a345a0000975477b8b000000001
last-modified: Tue, 03 Apr 2018 13:23:41 GMT
server: cloudflare
etag: "5ac3805d-18bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GDSxt5gxUCdFhIDRld6W5faYKgDUX5CQV6itUXkm1mqCRVoKnkTrxyiAnE%2Bjm6UJkr2gJJtiEyqY5iXawzMQ6Bsgx8%2F%2BdpupgHslxTl5TPCVp0d7eSbS0drE5d%2F2R5zrzu8TmVAjPjjn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66684633b83c9754-FRA

GET
H3-29 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700italic,400,300,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postindex.pp.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:28:07 GMT
x-content-type-options: nosniff
age: 514672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 17:28:07 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/ 240 KB
89 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1723340981828638&plah=postindex.pp.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91041
x-xss-protection: 0
server: cafe
etag: 14008214618944263571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 16:25:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/ Frame 2C5D 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210624/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 27 Jun 2021 17:39:07 GMT
expires: Sun, 11 Jul 2021 17:39:07 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 82012
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 postindex.php
postindex.pp.ua/ 43 B
596 B 190ms
190ms Image
image/gif 2606:4700:3034::ac43:d50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postindex.pp.ua/postindex.php?action_name=%D0%9F%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D1%96%20%D1%96%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&idsite=3&rec=1&r=249405&h=18&m=25&s=59&url=https%3A%2F%2Fpostindex.pp.ua%2F&_id=be7c4eb0ee3310f1&_idts=1624897560&_idvc=1&_idn=1&_refts=0&_viewts=1624897560&send_image=1&cookie=1&res=1600x1200&gt_ms=21&pv_id=v6z0Kc
Requested by: Host: postindex.pp.ua
URL: https://postindex.pp.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:path: /postindex.php?action_name=%D0%9F%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D1%96%20%D1%96%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&idsite=3&rec=1&r=249405&h=18&m=25&s=59&url=https%3A%2F%2Fpostindex.pp.ua%2F&_id=be7c4eb0ee3310f1&_idts=1624897560&_idvc=1&_idn=1&_refts=0&_viewts=1624897560&send_image=1&cookie=1&res=1600x1200&gt_ms=21&pv_id=v6z0Kc
pragma: no-cache
cookie: _pk_id.3.37a6=be7c4eb0ee3310f1.1624897560.1.1624897560.1624897560.; _pk_ses.3.37a6=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: postindex.pp.ua
referer: https://postindex.pp.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EUP6ddlsRg1DskkBiy5kaLHBQHOdXAXaecFvlpHpRMcmLV%2Fh2aOE5KFKMKh4XEIPs02htqyHkc5H6mQCPqTW8ChM%2BDMluN2RBgbr05O1NlA%2BrJTT%2B95zlFgs3Pwq7urjVe1WxkYVOINW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 66684634588b9754-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af50a34b9000097548733f000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109891918-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3254
date: Mon, 28 Jun 2021 15:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 28 Jun 2021 17:31:45 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1311088783&t=pageview&_s=1&dl=https%3A%2F%2Fpostindex.pp.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D1%96%20%D1%96%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=218545288&gjid=1232753940&cid=4469527.1624897560&tid=UA-109891918-2&_gid=165493029.1624897560&_r=1&gtm=2ou6n0&z=1682881114

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:25:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://postindex.pp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
662 B 105ms
34ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=postindex.pp.ua&callback=_gfp_s_&client=ca-pub-1723340981828638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1723340981828638&plah=postindex.pp.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3de03e9f44cf776c5db7dce532bcf76a2fc6b655688a65170c61633643628adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postindex.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postindex.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6FB7 3 KB
536 B 94ms
91ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&adk=1812271804&adf=3025194257&lmt=1624897559&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpostindex.pp.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559698&bpp=3&bdt=162&idt=77&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2681430054609&frm=20&pv=2&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8daac6680f3d511781a4d1fffc532d77f585c15c12c7f72049ef633aef8b3dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1723340981828638&output=html&adk=1812271804&adf=3025194257&lmt=1624897559&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpostindex.pp.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559698&bpp=3&bdt=162&idt=77&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2681430054609&frm=20&pv=2&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Jun 2021 16:25:59 GMT
server: cafe
content-length: 513
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Jun-2021 16:40:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Jun 2021 16:25:59 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469958711216"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Mon, 28 Jun 2021 16:25:59 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-1723340981828638&c=9&e=2570847921467975139&n=0&t=0&w=570&x=2

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:25:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-109891918-2&cid=4469527.1624897560&jid=218545288&gjid=1232753940&_gid=165493029.1624897560&_u=YEBAAUAAAAAAAC~&z=433279419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 28 Jun 2021 16:25:59 GMT
content-type: text/plain
access-control-allow-origin: https://postindex.pp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E677 430 B
230 B 216ms
216ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&slotname=5085332967&adk=3549918671&adf=825370839&pi=t.ma~as.5085332967&w=200&lmt=1624897559&psa=0&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559701&bpp=7&bdt=165&idt=99&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TtJZZUv0hA&p=https%3A//postindex.pp.ua&dtd=105

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92d478fa522f110656747c8eb89ebf87f4eba615656373d067576afee889327c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&slotname=5085332967&adk=3549918671&adf=825370839&pi=t.ma~as.5085332967&w=200&lmt=1624897559&psa=0&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559701&bpp=7&bdt=165&idt=99&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TtJZZUv0hA&p=https%3A//postindex.pp.ua&dtd=105
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Jun 2021 16:26:00 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Jun-2021 16:40:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Jun 2021 16:26:00 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
119 B 35ms
35ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-109891918-2&cid=4469527.1624897560&jid=218545288&_u=YEBAAUAAAAAAAC~&z=1360243459

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:25:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
35ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-109891918-2&cid=4469527.1624897560&jid=218545288&_u=YEBAAUAAAAAAAC~&z=1360243459

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:25:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postindex.pp.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postindex.pp.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 16:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6FB 97 KB
35 KB 529ms
528ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3263288290ab93b30dbfc1b58638f10fcabcc71254c9e6f2d79ed96f5642555

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrg7Y7fuvECFZbquwgdAyMLtA&gqi=F_jZYJWsOaTZ-gbamIfICA&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrg7Y7fuvECFZbquwgdAyMLtA&gqi=F_jZYJWsOaTZ-gbamIfICA&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Jun 2021 16:26:00 GMT
server: cafe
content-length: 35579
x-xss-protection: 0
set-cookie: IDE=AHWqTUlVH2Fa_jgfRo8FfSYQOURJWAy8T6iTtjH_BjA0J791KQSYa0YlSub3SsecjDA; expires=Sat, 23-Jul-2022 16:25:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Jun 2021 16:26:00 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23E2 430 B
232 B 162ms
161ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=1367808990&adf=275687582&pi=t.aa~a.3087485398~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280&prev_slotnames=5085332967&nras=3&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=suQuoXExkP&p=https%3A//postindex.pp.ua&dtd=16

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58d0a00b5975c6d7b9e6e447d98d946e42d15acd69039e4fabd2c6813a2ccca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=1367808990&adf=275687582&pi=t.aa~a.3087485398~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280&prev_slotnames=5085332967&nras=3&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=suQuoXExkP&p=https%3A//postindex.pp.ua&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Jun 2021 16:26:00 GMT
server: cafe
content-length: 208
x-xss-protection: 0
set-cookie: IDE=AHWqTUkKU4eevpdUkj-YgC4U4ZkNU0Gef9UVBOgsoYGPDLTybwNi9ykKLUBwhMkYM7M; expires=Sat, 23-Jul-2022 16:25:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Jun 2021 16:26:00 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29EE 14 KB
8 KB 267ms
267ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c08a3e23b4f64dc1ff288a6f637d68ddbdcdf2240848888f2082f4c4418550f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Jun 2021 16:26:00 GMT
server: cafe
content-length: 7754
x-xss-protection: 0
set-cookie: IDE=AHWqTUnEQVakMDwknLAIo9WtQgOJSjN-2Yxy7KL_5l-n1Nbu2q_sMskW0HdoIuhKY4M; expires=Sat, 23-Jul-2022 16:25:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Jun 2021 16:26:00 GMT
cache-control: private

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9F45 624 B
297 B 17ms
16ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiHjd6sATAB&v=APEucNVKUndXdILOrGZ5bEE7_aCMgrHKpwggYdro6HK_CsKotnpA1eR2KEc6Q49OwLYDpvOhyzJmUM3-iuSyXne4mRGoLfSA7GuOewGmzGjBUJPHtpxDw4rGgNCOKaZx_ncErX7WkcTjUdQajeaoDQ5r3_j4zTCtctsyuk3LMkCJwrPFPyAETWs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhiHjd6sATAB&v=APEucNVKUndXdILOrGZ5bEE7_aCMgrHKpwggYdro6HK_CsKotnpA1eR2KEc6Q49OwLYDpvOhyzJmUM3-iuSyXne4mRGoLfSA7GuOewGmzGjBUJPHtpxDw4rGgNCOKaZx_ncErX7WkcTjUdQajeaoDQ5r3_j4zTCtctsyuk3LMkCJwrPFPyAETWs
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnEQVakMDwknLAIo9WtQgOJSjN-2Yxy7KL_5l-n1Nbu2q_sMskW0HdoIuhKY4M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Jun 2021 16:26:00 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 get_page_signal_url_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/ Frame 117A 4 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/get_page_signal_url_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

858361d285ad5b0369469afc26ff28e975019a3b3a25ad4748e95178eae88192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2074
x-xss-protection: 0
server: cafe
etag: 10027585619949027602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 14:51:50 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 117A 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 16:24:18 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 117A 125 KB
38 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:26:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469964731542"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38558
x-xss-protection: 0
expires: Mon, 28 Jun 2021 16:26:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 117A 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 16:15:59 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 117A 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlJ_skpkFH3OhjgKdF1mNDdG3FOx8TX4Rumybyjb8m3v1Jh3AgOqSuZmXNO8e1CtntBjOAQ1R8ge8VsQFeroNZNsMTvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 117A 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2T3PbYB685fMx2k9ANtQKaY1lr_d37YY-LALZ_AdZvmgFgFzXYezA0m0KiNpH3VJ8DiB-zirkpTPj2LXPZ6kkWK6fqEsTsqNiMMlfbW2mgc2vBQw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 117A 59 KB
24 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4w1P9rhGjztJuemoN_jmlIRukqkH9-C8y7oaaU3XWRtQEtkUGAsLOZDRJuO25Kz-dfsOP5jaPGdtjzzrpK9o80b353YBz3TuQ-olfzMes0w-Ev4-7PEMpNyicLOA5eEM3fyQrsrYxJqwLpqCymCZAiwCMKQ&dbm_d=AKAmf-CKqgwMfGVD3QUTPWhKnqvWYU0-hh-3RADaZ9Bxh-9TLfyUSP6q7lyQ4ckLRsmsF-_mLWoykOSgTTX48t_PYUyV0b5eif0QEYPCl7GcZ5mgK6ITVzK_xL5ZSiWArl5Nt_51MRN4S977I9MiVo9kNT5vLmmDIQNJrJ68pIS5JnvP3YRu-YS21B2GOrrY7gTHRSZTQpGsl7Yv--ytV43FVFcViWkyAFErLA_IpKUBwBTLo71wxt44eLyREy7Qf09PryPYEE7UyUJ1WkaxDeU9NrKLdJHetnkhq1TBJYsbpybhwOUSJWnmN3TqWJyyWVz4WtqFxnhP1IhMhHEEWruqL_FqC3c5yp76cQQe2CUmtGUUvFhlvppver4zVzVvs1YcCH9ZGRVGpqSEwsnKkPImFoSwju2Erdr-I0tP4RqzCmov_1SAfgs5n1ZA4GVZuchNe9WGd3TNP5LmGB7Lygvlde8bzuS37imsQm4yhdoKetmILAA5HCVrheAm4oHNu5-CXrqg9-rq3IKYnEQ-rOT4s-02z33szFVgFja8aiePpd9W7gkzTnk1foZv_XhF9MSeiAfpH61NDfPvGjCo-vSdamrlzMoI3YZqitE_OooOQm22atI5N25NnYyD5GRjgCVK2DqZnQyv9Msj-7i_VMDZyCRjHo44AWCzKJEYQSqtu14jjy1OtfsGcyu_bW85LwmT4g8ixnASusr-EDC5ft7TBWI7VW7qWZsrJq7tlJpHcTO9GhkYwwm11z7nWalrOKW9tUK9YsncDeyYzM70R3fVtr5uW3zxUnvYUQbIL00GOFghVP_SAn-aQorSt7jqiwqX3RE1LjR0UqRHCnNCeYNVBCbGu3eJZeZrXjk_6hgf15wHcVz0JCnlKazNIQaEmhazH65dZI90qJ7PUJHLMQ4Qhnc6Hi_JB2kiBk9Iidih4BDoju5J2manQSbwF04NR00Ur4NJfFLldhuXn7M2s7GR-dVo8ofKIkhS5yz5UHjfJ86_q7D_US_xIHPwfIeRC9OVb4H47TqbwhtQJtI_A7Ti3piLla4XoOtsiWw_euvV3w0O0KIaURC0zWT8PQOBsaGXg8nohuouuSUqHXmGoUy9KN9RWfnhxjGujaUE0tZiKeDQbBYLAuMu_Oawq068l5hf6RxDAEuDB6EYjzXjJW27n_sEEE4sVEFWqgap5kJqO75UhaqHKpS80wW3MuHKQZhkPqoqkEcMELuvOkD6VnaPt_zlESo1gP5a1qpbLmWHto2lyq3UD-m6akcOWnoB5MrUy7onQfGKbxBtyhNK2etGo2edvHaD9LCd4zX-ZrqQxJroiy6hxxwhdZz5lHPGYbfZEovjjwGM-o8yfZG4xWMnsrkGitoY2t1mjUfZVv6cOg8p7VYACLn4-FOCWjB6v3Dm0DWraPtX_kLvuMCgJ7PyTcx6Dbma7zKjlreqwJQScDRp-cNZWrFCVidX03Ux3BMkHVed1R9rwrvyWTdlif7MurdeGoOQQwKwXYRqa7gsktckQOkmFmsxulUCcGtHVc-lOu6IHIThp1I_kkQ0gEWe5Ok7HS3yi7ip8c93GBcUbcr4uFxkrfes19F71q8b1YjntY_w3gmgTJdCi-GHGwWdZEuhc_w0m78G7nJamFYhYgjmiyy2ywdhC1NHyv-5hOAgLDHsnp30uGzvT88DlCle6fr3fmy8vHJgX_ufOkT97NUSONWk6Y9M7Uq6cQzU0dDiGOct-AiBzQ8v3qEyaEAhHKIOcMTgO-D6p7tTrIzr9ifjTNICHujlSsSjXDoxD1dZJu_vdyLztx4Gauz9NqmGeYeQaSFw3OnY2_OI4zk67P9oCd2oIv68eKVeF9KWtqc7-817cHYJXVHkADCimzIlhMRPE1XmPZHjwzOmRN7hZXqqqV_PI_5Hzm7COswurGYrbwzOQU2iVQF93RlUdt-6mpjLtsvkpFfaIZsFLs-kmvo6Rg2m-Y_th48bc3OPddQrt15bL_XE4pD7AdXWLHOiuDL9qPxXAN5bgyw4BkMSa5KSy2rAOAjGB1GkEpH0Lfffw92jBq3oKOEdw05PYhxZfvZ3sm_FrurY7D7oZtuwrksYwfejAP4QrR_pZtH_4zHgfLW6Ug4D759iX1zxy_QoSD18_AHXMqusmTTaQv9ZvKwvZzh8S08WHHn24T3Q_DJ-8a0cozzedSDIkOjCN9H7cMkk7_pZruJmiYsTHYGLJShR7Sf_fUotJcNPq2Vv_-j_QnSAIWElpwbHZ9FLKwOFJz1vVPi1LuaYHcgEulPdDtSbX5LSuafTgVuT9BCpC8M8Wc8L-kwOuDP4dB9v_sG978mIL5j-KsAdai0qVesq1oHsnhigjmdPEbcaswOODE60s7DxoSOZbNenCo11H8AvK7f47LPx7tIKGTnEsyye7QXagyfLdt-H_Rv_Bo7cOxN9pv00SK4x_QjCPXuc8tI2uBUUP07EkW7alrbRh0BJt6LSGx_xWXLfsqLB0cjR0JteKj3Sp9_kuKZ8oqV2DU-ItmgbkzOjjFPlNgnwim2TQCngmqtmq5n4JcQ_4FeUfda0frnTficwCDxX8xis2xGebuMoL0p0Y4-MNNI1orQU87AwEnwosZr3BCw3J4MW7etwzNChCj370Ww73Dy3KBsCeAAAgQHCKaKCXROkNx14OU7Ap1Eio8XO3HHBvnVUxpg34zmj86iFUYs0kn9EH1DJudghDoeZHF53l32zktvWjSHif5somdc8yXy9gFvV2jgU_mG1UJ58wZawlSRHJtty65sD1s_VhDy9cyHOZ7U4PBtbNcZ0xD2lR8OBFunfSXDXaekBQPyWe8IPONj0aqXZmL34RrhZW1wDM9mkRghT7d5GQiBB57s-EXlSZjkQlVxNCsl-HzrktsI5T0R4qJfvxZHi5PWIjtQZA1tJFbUBwCLlu3XQykYaxJ-YHaxFwznWZlOp1-dtEOgVnSyQQPkYzY9VT7Cp_45c1FTluvzj0zYn6t4KDb6Gu4jmTkwLstcEU6hztK55zaN9srh7b1YgnLV7CwoUnSQvZzGl5c1L1HY9PPOi-M6-JO9bqaI3xoL87_eKRKgZwbqlP2W8R64D18j2tnqx8oXXNkkZf61cAUGdEcPmA828i-FEvMdcDdjFrEvUx_-4vTqUizHujfokZJhXaCHF1GZChxsJBCjWojd_zKLLuckmLiS_85-gi61l00Bie8rPTjqGt1bc857Das8qiC6P346KAKAAQQF1AXMzvCiHn_wBtP2eVMJprnZutsltDFg0LRRgiLzfUGgo8U-rtHBMRVrMP9a2wztKxecPEieiotGUKFWiQl1YXlchjPI39Qa-Rj6RrFdZc2fy5NfmBf1NHP0C2slMgkQ0Yl6qYNBsPiZB_lSPfzHbqv5W_lkVr50i_6_e5UNRrzuPK_QqrgtNMzoKr73u4fRvMF_hqBgAWk8&cid=CAASEuRoA7OTxJ1j1TuGFpgU7HSANA&rfl=2%2Chttps%253A%252F%252Fpostindex.pp.ua%252F%240

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b91c36b26063bc99680a27c8d70f383cdf1ccbf5693d5d5173660d9c515b2a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9F45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDFOztyTtQ61gKN-rCCYA5c&google_cver=1

43 B
1014 B

96ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDFOztyTtQ61gKN-rCCYA5c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiHjd6sATAB&v=APEucNVKUndXdILOrGZ5bEE7_aCMgrHKpwggYdro6HK_CsKotnpA1eR2KEc6Q49OwLYDpvOhyzJmUM3-iuSyXne4mRGoLfSA7GuOewGmzGjBUJPHtpxDw4rGgNCOKaZx_ncErX7WkcTjUdQajeaoDQ5r3_j4zTCtctsyuk3LMkCJwrPFPyAETWs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Jun 2021 16:26:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDFOztyTtQ61gKN-rCCYA5c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9F45
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNn4GEiurj-dHegRYvtgNgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVKU6W99NYbeH0VkFuRezg&google_cver=1

43 B
1012 B

255ms
255ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVKU6W99NYbeH0VkFuRezg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiHjd6sATAB&v=APEucNVKUndXdILOrGZ5bEE7_aCMgrHKpwggYdro6HK_CsKotnpA1eR2KEc6Q49OwLYDpvOhyzJmUM3-iuSyXne4mRGoLfSA7GuOewGmzGjBUJPHtpxDw4rGgNCOKaZx_ncErX7WkcTjUdQajeaoDQ5r3_j4zTCtctsyuk3LMkCJwrPFPyAETWs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Jun 2021 16:26:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVKU6W99NYbeH0VkFuRezg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9F45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPe44PKONF6R5jypDIlwQwk&google_cver=1

43 B
999 B

138ms
107ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPe44PKONF6R5jypDIlwQwk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiHjd6sATAB&v=APEucNVKUndXdILOrGZ5bEE7_aCMgrHKpwggYdro6HK_CsKotnpA1eR2KEc6Q49OwLYDpvOhyzJmUM3-iuSyXne4mRGoLfSA7GuOewGmzGjBUJPHtpxDw4rGgNCOKaZx_ncErX7WkcTjUdQajeaoDQ5r3_j4zTCtctsyuk3LMkCJwrPFPyAETWs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:00 GMT
X-Proxy-Origin: 159.48.55.6; 159.48.55.6; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d58996ec-0892-4c43-92a0-ea02159ec58a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPe44PKONF6R5jypDIlwQwk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9F45
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzkwNzk0NjYzMzk2ODg5

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzkwNzk0NjYzMzk2ODg5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:00 GMT
X-Proxy-Origin: 159.48.55.6; 159.48.55.6; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9db824ef-666c-4b7e-8a9d-fea43feab5bb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzkwNzk0NjYzMzk2ODg5
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 117A 111 KB
39 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 12:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Jun 2021 12:29:43 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame 117A 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4w1P9rhGjztJuemoN_jmlIRukqkH9-C8y7oaaU3XWRtQEtkUGAsLOZDRJuO25Kz-dfsOP5jaPGdtjzzrpK9o80b353YBz3TuQ-olfzMes0w-Ev4-7PEMpNyicLOA5eEM3fyQrsrYxJqwLpqCymCZAiwCMKQ&dbm_d=AKAmf-CKqgwMfGVD3QUTPWhKnqvWYU0-hh-3RADaZ9Bxh-9TLfyUSP6q7lyQ4ckLRsmsF-_mLWoykOSgTTX48t_PYUyV0b5eif0QEYPCl7GcZ5mgK6ITVzK_xL5ZSiWArl5Nt_51MRN4S977I9MiVo9kNT5vLmmDIQNJrJ68pIS5JnvP3YRu-YS21B2GOrrY7gTHRSZTQpGsl7Yv--ytV43FVFcViWkyAFErLA_IpKUBwBTLo71wxt44eLyREy7Qf09PryPYEE7UyUJ1WkaxDeU9NrKLdJHetnkhq1TBJYsbpybhwOUSJWnmN3TqWJyyWVz4WtqFxnhP1IhMhHEEWruqL_FqC3c5yp76cQQe2CUmtGUUvFhlvppver4zVzVvs1YcCH9ZGRVGpqSEwsnKkPImFoSwju2Erdr-I0tP4RqzCmov_1SAfgs5n1ZA4GVZuchNe9WGd3TNP5LmGB7Lygvlde8bzuS37imsQm4yhdoKetmILAA5HCVrheAm4oHNu5-CXrqg9-rq3IKYnEQ-rOT4s-02z33szFVgFja8aiePpd9W7gkzTnk1foZv_XhF9MSeiAfpH61NDfPvGjCo-vSdamrlzMoI3YZqitE_OooOQm22atI5N25NnYyD5GRjgCVK2DqZnQyv9Msj-7i_VMDZyCRjHo44AWCzKJEYQSqtu14jjy1OtfsGcyu_bW85LwmT4g8ixnASusr-EDC5ft7TBWI7VW7qWZsrJq7tlJpHcTO9GhkYwwm11z7nWalrOKW9tUK9YsncDeyYzM70R3fVtr5uW3zxUnvYUQbIL00GOFghVP_SAn-aQorSt7jqiwqX3RE1LjR0UqRHCnNCeYNVBCbGu3eJZeZrXjk_6hgf15wHcVz0JCnlKazNIQaEmhazH65dZI90qJ7PUJHLMQ4Qhnc6Hi_JB2kiBk9Iidih4BDoju5J2manQSbwF04NR00Ur4NJfFLldhuXn7M2s7GR-dVo8ofKIkhS5yz5UHjfJ86_q7D_US_xIHPwfIeRC9OVb4H47TqbwhtQJtI_A7Ti3piLla4XoOtsiWw_euvV3w0O0KIaURC0zWT8PQOBsaGXg8nohuouuSUqHXmGoUy9KN9RWfnhxjGujaUE0tZiKeDQbBYLAuMu_Oawq068l5hf6RxDAEuDB6EYjzXjJW27n_sEEE4sVEFWqgap5kJqO75UhaqHKpS80wW3MuHKQZhkPqoqkEcMELuvOkD6VnaPt_zlESo1gP5a1qpbLmWHto2lyq3UD-m6akcOWnoB5MrUy7onQfGKbxBtyhNK2etGo2edvHaD9LCd4zX-ZrqQxJroiy6hxxwhdZz5lHPGYbfZEovjjwGM-o8yfZG4xWMnsrkGitoY2t1mjUfZVv6cOg8p7VYACLn4-FOCWjB6v3Dm0DWraPtX_kLvuMCgJ7PyTcx6Dbma7zKjlreqwJQScDRp-cNZWrFCVidX03Ux3BMkHVed1R9rwrvyWTdlif7MurdeGoOQQwKwXYRqa7gsktckQOkmFmsxulUCcGtHVc-lOu6IHIThp1I_kkQ0gEWe5Ok7HS3yi7ip8c93GBcUbcr4uFxkrfes19F71q8b1YjntY_w3gmgTJdCi-GHGwWdZEuhc_w0m78G7nJamFYhYgjmiyy2ywdhC1NHyv-5hOAgLDHsnp30uGzvT88DlCle6fr3fmy8vHJgX_ufOkT97NUSONWk6Y9M7Uq6cQzU0dDiGOct-AiBzQ8v3qEyaEAhHKIOcMTgO-D6p7tTrIzr9ifjTNICHujlSsSjXDoxD1dZJu_vdyLztx4Gauz9NqmGeYeQaSFw3OnY2_OI4zk67P9oCd2oIv68eKVeF9KWtqc7-817cHYJXVHkADCimzIlhMRPE1XmPZHjwzOmRN7hZXqqqV_PI_5Hzm7COswurGYrbwzOQU2iVQF93RlUdt-6mpjLtsvkpFfaIZsFLs-kmvo6Rg2m-Y_th48bc3OPddQrt15bL_XE4pD7AdXWLHOiuDL9qPxXAN5bgyw4BkMSa5KSy2rAOAjGB1GkEpH0Lfffw92jBq3oKOEdw05PYhxZfvZ3sm_FrurY7D7oZtuwrksYwfejAP4QrR_pZtH_4zHgfLW6Ug4D759iX1zxy_QoSD18_AHXMqusmTTaQv9ZvKwvZzh8S08WHHn24T3Q_DJ-8a0cozzedSDIkOjCN9H7cMkk7_pZruJmiYsTHYGLJShR7Sf_fUotJcNPq2Vv_-j_QnSAIWElpwbHZ9FLKwOFJz1vVPi1LuaYHcgEulPdDtSbX5LSuafTgVuT9BCpC8M8Wc8L-kwOuDP4dB9v_sG978mIL5j-KsAdai0qVesq1oHsnhigjmdPEbcaswOODE60s7DxoSOZbNenCo11H8AvK7f47LPx7tIKGTnEsyye7QXagyfLdt-H_Rv_Bo7cOxN9pv00SK4x_QjCPXuc8tI2uBUUP07EkW7alrbRh0BJt6LSGx_xWXLfsqLB0cjR0JteKj3Sp9_kuKZ8oqV2DU-ItmgbkzOjjFPlNgnwim2TQCngmqtmq5n4JcQ_4FeUfda0frnTficwCDxX8xis2xGebuMoL0p0Y4-MNNI1orQU87AwEnwosZr3BCw3J4MW7etwzNChCj370Ww73Dy3KBsCeAAAgQHCKaKCXROkNx14OU7Ap1Eio8XO3HHBvnVUxpg34zmj86iFUYs0kn9EH1DJudghDoeZHF53l32zktvWjSHif5somdc8yXy9gFvV2jgU_mG1UJ58wZawlSRHJtty65sD1s_VhDy9cyHOZ7U4PBtbNcZ0xD2lR8OBFunfSXDXaekBQPyWe8IPONj0aqXZmL34RrhZW1wDM9mkRghT7d5GQiBB57s-EXlSZjkQlVxNCsl-HzrktsI5T0R4qJfvxZHi5PWIjtQZA1tJFbUBwCLlu3XQykYaxJ-YHaxFwznWZlOp1-dtEOgVnSyQQPkYzY9VT7Cp_45c1FTluvzj0zYn6t4KDb6Gu4jmTkwLstcEU6hztK55zaN9srh7b1YgnLV7CwoUnSQvZzGl5c1L1HY9PPOi-M6-JO9bqaI3xoL87_eKRKgZwbqlP2W8R64D18j2tnqx8oXXNkkZf61cAUGdEcPmA828i-FEvMdcDdjFrEvUx_-4vTqUizHujfokZJhXaCHF1GZChxsJBCjWojd_zKLLuckmLiS_85-gi61l00Bie8rPTjqGt1bc857Das8qiC6P346KAKAAQQF1AXMzvCiHn_wBtP2eVMJprnZutsltDFg0LRRgiLzfUGgo8U-rtHBMRVrMP9a2wztKxecPEieiotGUKFWiQl1YXlchjPI39Qa-Rj6RrFdZc2fy5NfmBf1NHP0C2slMgkQ0Yl6qYNBsPiZB_lSPfzHbqv5W_lkVr50i_6_e5UNRrzuPK_QqrgtNMzoKr73u4fRvMF_hqBgAWk8&cid=CAASEuRoA7OTxJ1j1TuGFpgU7HSANA&rfl=2%2Chttps%253A%252F%252Fpostindex.pp.ua%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 16:24:03 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 117A 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 16:23:42 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 117A 41 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 10:34:41 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A9B7 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Jun 2021 08:59:18 GMT
expires: Tue, 29 Jun 2021 08:59:18 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 26802
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 117A 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e94a47162319f290123e325c50e21dfff19faa71158111decedb0e7ab84d86c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4091 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 28 Jun 2021 10:15:44 GMT
expires: Tue, 28 Jun 2022 10:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame A9B7 35 B
464 B 28ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFlPf7b3lCaFOtSW5xlntDo&google_cver=1&google_push=AYg5qPLyUV-0HTFjaBb4rio_tAFnoriywZnBUIskrjRM8clpe-p5fjj-rE8DeuBabRNAav02jyNU9GwNAnkfM4gtbxHg7vTLuRF0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A9B7
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIvWceYmdgwz7vvfuFzUEfoylNq5ozxnQDtL-pB75XwCzRz64fFicnOlyRYr7xsJwCgXKKCeaBzKvxosZh6VaaTkR84_WErzA&google_gid=CAESENFcc9KtQ5ySw-XJLU4tuJo&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJjw54YGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBJdldjZVltZGd3ejd2dmZ1RnpVRWZveWxOcTVvenhuUUR0TC1wQjc1WHdDelJ6NjRmRmljbk9seVJZcjd4c0p3Q2dYS0tDZWFCekt2eG9zWm...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa2o1TjR3a0pPdlZzdjdmaHV6SkJXQjNwX09YalkzeHltWnl6N0h3c3Vfbw==&google_push

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa2o1TjR3a0pPdlZzdjdmaHV6SkJXQjNwX09YalkzeHltWnl6N0h3c3Vfbw==&google_push

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Jun 2021 16:26:00 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa2o1TjR3a0pPdlZzdjdmaHV6SkJXQjNwX09YalkzeHltWnl6N0h3c3Vfbw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A9B7
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE6aaU1N8tUdjq50ZZu-B2c&google_cver=1&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc
https://rtb.openx.net/sync/dds?google_gid=CAESEE6aaU1N8tUdjq50ZZu-B2c&google_cver=1&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc&google_hm=BI2UdizszLEMD-uCeJr92Q==

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc&google_hm=BI2UdizszLEMD-uCeJr92Q==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI69EGUTAvxltY6xcSOn3s61ayOum5GY93OreloR_CXpmf0utk7wuBrzH0sLkGMFlQs2m16iNaWlhDYWWkLbPIKvRwTIbsc&google_hm=BI2UdizszLEMD-uCeJr92Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: t4omukbpcikkcakpaa7hmjhtv00erp7u

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A9B7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nwTFlKYfQuCU3sREHb0XLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nwTFlKYfQuCU3sREHb0XLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL17kCs4JYmiIXo4rWzYM2W6Y1KGzcg2rvFB13BBYqm52-lh3Hj3G-Spk_Wep1Pl9SW_4Ttkh8VcYKysOgTVCG8ztSuJ0xm1w

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nwTFlKYfQuCU3sREHb0XLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL17kCs4JYmiIXo4rWzYM2W6Y1KGzcg2rvFB13BBYqm52-lh3Hj3G-Spk_Wep1Pl9SW_4Ttkh8VcYKysOgTVCG8ztSuJ0xm1w
date: Mon, 28 Jun 2021 16:25:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A9B7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJf_7g-J3-LrMbKygMKA2A&google_cver=1&google_push=AYg5qPKWXjIvE7FWwIo7Cb9xk6Eb9uXYdb01f7-Wm0Iq_fR9bsIzVqbMU2-9DPZD2zN9JS16IaU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FHVTFYVEQtMS1LU0lK&google_push=AYg5qPKWXjIvE7FWwIo7Cb9xk6Eb9uXYdb01f7-Wm0Iq_fR9bsIzVqbMU2-9DPZD2zN9JS16IaUCqtCmatjU-RzfuOYaOMx8D3HO2w

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FHVTFYVEQtMS1LU0lK&google_push=AYg5qPKWXjIvE7FWwIo7Cb9xk6Eb9uXYdb01f7-Wm0Iq_fR9bsIzVqbMU2-9DPZD2zN9JS16IaUCqtCmatjU-RzfuOYaOMx8D3HO2w

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FHVTFYVEQtMS1LU0lK&google_push=AYg5qPKWXjIvE7FWwIo7Cb9xk6Eb9uXYdb01f7-Wm0Iq_fR9bsIzVqbMU2-9DPZD2zN9JS16IaUCqtCmatjU-RzfuOYaOMx8D3HO2w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame A9B7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRK...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame A9B7 43 B
296 B 69ms
22ms Image
image/gif 2a05:d01c:1d8:8101:e336:1261:a63c:d3a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEP6_kT3u06D1ExWB3RyV3cQ&google_cver=1&google_push=AYg5qPIKrtsv9b_sXG0wkworR9PDZCPZYRUlkV6oWSAr4qN4gRGsU6PzAbadEYBrCBOc3YTjoiIeqJC13czLZKHcEhIEo1gbtMXt
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:e336:1261:a63c:d3a0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A9B7 0
59 B 35ms
34ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQWw1fM4CbaJT2B3o298puA4Uo6Kfru1f892U21H_WsctkPIG1uR7_n73E4jdQczJlKWKF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:26:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 117A 145 KB
56 KB 112ms
52ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8b7463cf1666589e13b782ab29952b529cc37a5dab383410b46bafa83294f977

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 16:26:00 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 57237
Expires: Mon, 28 Jun 2021 16:56:00 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/ Frame AC88 6 KB
2 KB 20ms
7ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c20b52a1f46542118c08ab8307d9deaf16eb6c5828853f0192907bd711e0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1962
date: Mon, 28 Jun 2021 15:13:38 GMT
expires: Tue, 29 Jun 2021 15:13:38 GMT
last-modified: Mon, 07 Jun 2021 12:03:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 4342
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 117A 0
107 B 130ms
65ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuILbbJv7c00yxyvR21HvjS-DFPE2hKkDoqH-2j6sScQIfXTf1n4Mu8qo2nJI4pkLdHrRq1EEN_MvJcFXzqNsoJMyDQCNXoOsMs-W5GxS0kVWIiIK_mx_XLQhKPT2uXvdYjI3iUjzvvcyvjS_OYhsZKIoWm23frywc7JYMp3FQah9IQ6FS6A2m3UBZeljCZMqTE_dCTiqC4jq_WsAP32EMtdjTCOPPg341SPM7rNGI29AxXuvC2hdPRZ1Qe-Da-IGnaev1UydLSpblqUiwQJXd6drSXml4-f9dOzy3bFeghhITGQLWuHNSK5-xNjYTMCLGFy_mWlwNLAgeAUBwkpbAsBiO2AsUkAxi4TrB1d9hefsb6ifqO3m_6z_2xgUr2J3ysdXPt8lDMgBrjVY0BHJJQlsmeUJEwMpSgUbWJ4otVuvqfQ11mQb8OYPc4nkKwjbfJ7UG0MJwaJoJl4biVLi0w0GVfRm9e28sjv5nyc2R9790Si60W1mZP5NRnkvbKR--xkT2nzVqcaLaURg5sdbigk3-FgWGlw7sGX9ymGc7YXeCr065bjrXXCJ5gAA3ort5crXIrfwKFe_HoD6JtN_7GRJfR0gLSw9Ps-zMCRS0gwO9dufKqmdxxAGVBCka4n0r3TJuGojeJrHNtNzW7QKtojBL9xruOeWE0bmWuYXKf0Z4pYL1VQvbX9ALJT5AC40PZtCqBPPBH_414oZ9IqbLKd4mpSWKA4MMXZ7fpEDYX8ctVobEwOziPZGBEILxeYtyQ-RbIEEL4i_8sME0N5GWQQyy8p2r-PyVYwxIxNpc8Oh6N2YKsByiFihFBvZnVyi__iNj-IXgfGoCd0SOsQHOQT8nHcGcDDX6YWJzmIGQhCBytxjwC1YWBcOreYg_lxIKCHfra16avoV0r-C2F92jaLIE4tOa2ARxSWQD5Nb0AOfxQBgHHlwkOdtu28Xjkx8mfzFFNHGkiDNbf-gNS1Hncdi8B9fbOq4BPu_Ng1td3mo6ihEj8d68iPFdtBRYDoTHXsAL4GQv-JBtmOaZZbtMy3QBpzMLERQF2VopCKOCn9aMs9xcxm2NL-saHPE8GOkcxmsX_ZB-_gS_ovwEqRtUsUguf4Mj29t53AE2DAyPRQ_PbZKB2w8rRojdMsI7TwJmvQtoLnZeFrg&sai=AMfl-YQGurYyangfspwmaznCBBdqYG5H1u68MqGu4_qIWJze7CFr-2lXR_jHrPtTJkfkH_NaNCW5WX21X2q7vaQ3tNSWhPdSJAHBCnROL1YtD2u8g_MpodKvzVs_GwmAw57x7f75cixIAIe-7uBWhU4xn5z4QjNWTQ&sig=Cg0ArKJSzJkOK00p4K8eEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=67&cisv=r20210624.83025&adurl=

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 28 Jun 2021 16:26:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

tp.gif
99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net/ Frame 117A
Redirect Chain

https://de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_3301&c=26016321_305668312_152272367_498407340&cp_c1=26016321&cp_c2=&cp_c3=498407340&cp_c4=305668312&cp_c5=&cp_c6=152272367&cp_c7=&pr=304...
https://99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config

42 B
434 B

110ms
28ms

Image
image/gif

13.224.193.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 09:42:50 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
last-modified: Thu, 28 Nov 2019 09:56:25 GMT
server: AmazonS3
age: 24191
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 42
x-amz-cf-id: xpaZEPAPOBYmrX5v1VI6qb-Uo8uqtnYoTYImmB3bEcRGbBZJ7NGKCA==
expires: Wed, 21 Oct 2015 07:28:00 GMT

Redirect headers

date: Mon, 28 Jun 2021 16:26:00 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: AMS1-C1
x-powered-by: Express
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://99B883302BD98F9706B8AD4E90EAB4888678E19FCC41D27018E072E0.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config
content-length: 136
x-amz-cf-id: EFb_yHMZlgmJ22qLgs-DHgXgpUCH2k_z7DjWWf4bJjzuzFdYOexvtw==

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4091 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 14:57:07 GMT

GET
H3-29 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AC88 60 KB
24 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Jun 2021 16:26:00 GMT

GET
H3-29 200 script.js Show response
s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/js/ Frame AC88 2 KB
763 B 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04375719f9a1e969cd72d35316117f53930e97f96d99151d935624c5898b72e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 22:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 739
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 12:03:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 28 Jun 2021 22:00:14 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 117A 0
545 B 63ms
62ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: postindex.pp.ua
URL: https://postindex.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 16:26:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4091 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqRMAGPjZYJqFD_mS9u8P_buP4A0AAAAAOAHgBAI&bg=!0NOl05fNAAYo4NJEKOA7ACkAdvg8WjhsT3V3WHBBH9wOfgvze62AEp5oKLgsnqpsd_bHJ6A-tEJWTgIAAABLUgAAAAtoAQeZAr49CVdSZIrSX5ccBhvZ2r_PxsrNNhlOfxyVu-TvFCWWh_EP44fTsW32HryRQNxf2Z2nVtpu_AsWnFYb7cm4BI7JexqdNmL7ABFGH_Q4ieXgYmiSLmgADw_dF73gUAA27IZa6PUKsC6YJfhtPH7fXV4WBSi2hyCDNTXZacGIFSjnq88ay1mTL50XUykk9uy8Xewv4FfzW1HmfUbS-J_w0aztCs45vkQY2KgWtBT31oZ2J3nMugeRSBLzYeCjbBwMuLcy2Emxvry1TSodwYTpVNK1bQ83q6AQ2CU0vfk1cf5-OJz_UrwGOesFOhsfxxPNprwvYuYk7FUWa5Pklr7Zop6vNkd0kmCsaLlnvlKPoYZ7pY0yG8lGhe9WlJWZvtpSaGcMN-zrH6zwZ7doWNgY4HOwTf7yl_EN1YBHO0buSzgEGGsh7DRB6_pDNdNMLtaqQ4lVUZYPPWbyp-vj0ZFyPsnoP5n50mA-4YlVGJUcqZqBTjcLiXsBuoNLKimGLHwJsToAc9NdbyInQrdR20hVhKCOWbKrRnsVKSgQwN5JKF3qifpA82Le6ArSwOlhU2Y41JqiKBhiAVL2uJscc0iTfGNZEhkFdp8LCWulhVAEApuJvZeuLkDHyafzR3doSlHNePt3rxE_3XXaHq__pfRLJZe0ZcNF81v0Gp7jebFfC0FOFsASYqrN2XrGqU2noi6V6uS_OaUeL-CG-RLOT33h59sHYAC526i1sEwedaWxWgBJafsXMuo_KnOOuQQXbUNBRu2f6wKWVqZAJd1V5X-vDmVWSrRsnpnjSuJPKNpxaSenBslX6YEJQRxZ6U4nrWXHcwTODxOYVtA6oWhJPX8E3XvzzVbdw9XN-MW9wyDNUOhndp2Qi6LOrePVWDvRFCMrr1JKkeN1_N6pKAkD26vtneSyYj0KlevotHieAJK2aV8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/ Frame E6FB 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 16:22:36 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame E6FB 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 16:24:18 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6FB 125 KB
38 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:26:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469964731542"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38558
x-xss-protection: 0
expires: Mon, 28 Jun 2021 16:26:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame E6FB 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 16:15:59 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E6FB 0
0 14ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDWKBfeacgS3--A5FFdjgn5-rWgaypt5vMdDXcatNPeGf6mN5_yxD1n-kbZt2mM9CGXpq6TRKVmgPWBk1eU-DwjaMwcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 9632 62 KB
16 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11575576717432054682/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 23 Jun 2021 10:12:14 GMT
expires: Thu, 23 Jun 2022 10:12:14 GMT
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 16673
age: 454426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6FB 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPD-mF_jZYNr4OZbV7_UPg8asoAvnq-bmYuTgooOGDp_VmM_aGRABIJ_svQZglQKgAZ_n0vkCyAEJqQJDNkOZewa0PqgDAcgDSKoEuAFP0N9W2HvhyvGOLFo9yhTCGavcBBrCqKDVCAu0e0mURKB0gKZgxOzjliNF8HT_7R8BoRV9l_eaA2jIDTwC9_i8BzoXVYWEQSzFeW7xlvs6BwSfc2l69dzaAshvvBuyVsQ2KgXEPC9fhEeSO1J2v8MDz5-yJ2V50Xvst1JoLjemwB3fmfAv5A0snXHcCgbM5EVJO1cpXoiLbSgt7NQzBdz2g_FbjPi0JVMPk7ODofhSCZLn4m4OAxbnwATX8e61sAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHyZithgGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQrpQC0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTE3MjMzNDA5ODE4Mjg2Mzg&sigh=9lulzuY_5KY&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 28 Jun 2021 16:26:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C2C 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVH2Fa_jgfRo8FfSYQOURJWAy8T6iTtjH_BjA0J791KQSYa0YlSub3SsecjDA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=280&adk=2820229021&adf=1123778336&pi=t.aa~a.2824687176~rp.4&w=337&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=337x280&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=2&bdt=381&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0&prev_slotnames=5085332967&nras=2&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=244&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CsUlAVhwNj&p=https%3A//postindex.pp.ua&dtd=12

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Jun 2021 16:09:03 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E6FB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5ab3f4291347dc223d975a32216fd3d5c885a2df39aa40ac4ddbece477a814

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame E6FB 0
20 B 55ms
40ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrg7Y7fuvECFZbquwgdAyMLtA&gqi=F_jZYJWsOaTZ-gbamIfICA&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9632 16 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 08:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 29 Jun 2021 08:10:45 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9632 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 28 Jun 2021 20:19:58 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C2C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVH2Fa_jgfRo8FfSYQOURJWAy8T6iTtjH_BjA0J791KQSYa0YlSub3SsecjDA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Jun 2021 16:26:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 28-Jun-2021 17:26:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Jun 2021 16:26:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Jun 2021 16:26:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9632 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 14:57:07 GMT

GET
H3-29 200 cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 9632 8 KB
8 KB 12ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/cta_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 456657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8540
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Wed, 23 Jun 2021 09:35:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 09:35:03 GMT

GET
H3-29 200 fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 9632 14 KB
14 KB 10ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fechas_vertical_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 405999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13906
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Wed, 23 Jun 2021 23:39:21 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 23:39:21 GMT

GET
H3-29 200 experiencia_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 9632 15 KB
15 KB 15ms
13ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/experiencia_vertical_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 465490
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15206
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Wed, 23 Jun 2021 07:07:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:07:50 GMT

GET
H3-29 200 summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 9632 16 KB
16 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/summercamp_vertical_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 456143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16162
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Wed, 23 Jun 2021 09:43:37 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 09:43:37 GMT

GET
H3-29 200 fondo300x250_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 9632 94 KB
94 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fondo300x250_1.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 456143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96133
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Wed, 23 Jun 2021 09:43:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 09:43:37 GMT

GET
DATA 200
OK truncated
/ Frame 9632 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 29EE 145 KB
56 KB 43ms
42ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8b7463cf1666589e13b782ab29952b529cc37a5dab383410b46bafa83294f977

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 16:26:00 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 57237
Expires: Mon, 28 Jun 2021 16:56:00 GMT

GET
H/1.1 200
OK stat Show response
dbg01.meetrics.net/ Frame 29EE 82 B
351 B 144ms
37ms Script
application/javascript 88.99.148.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dbg01.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.148.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h680.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 16:26:00 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 28 Jun 2021 16:26:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame 29EE 0
208 B 116ms
38ms Script
application/octet-stream 136.243.12.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h310.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 16:26:00 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b94.s79.research.de.com/bb-mx/ Frame 29EE 43 B
291 B 104ms
32ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/bb-mx/submit?/naXKBBAAATkzFdFAAAAAAwSaBaBAPAAAAAAAAAOAAAARksFAQtjFuzbNSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:00 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 28 Jun 2021 16:25:59 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 112ms
34ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKCBAAA/whF4Ro0F0wFz6BvvAnvFvnFslFhkFzuBnuBkvF1iFslFjsFpjFruBulF0vBwhFnlFhkFvhEkzF/jEspFluF09BjhFtwE1iFtxA3yAzzA0wA54Ax4Ay4A2zA4mAv1F0wF10F9oE0tFsmBo9B5wAmhEkrF9zAx2A14A0xA03AwmAhkFm9BxwA55A14A34A01AmwEp9B0uBhhF+hFu3A3yA41A40A3zA+yFwuBxmA39BxyAwwAmmE3yFu9B0mAm3FyuFo9BxwAwmAstF09Bx2Ay0A45A31A15AmyEhmFt0F9xAm0Ev9BxzFmwE3wFyjF90Ay2A31AyyAy5AzmAwzFh9BwmAmvFytFh0F9xAywAw4E5wAm1EysF9oE00FwzFlzABlByGElyAGwFvzF0pFukFl4FuwEwuB1hFlyAGmBmsFhzFo9BwmAm3Fy9BwmAwyFh9BzmAywFl9BxmAylFzwFfmFt0Fz9BzmA3nFs9BxmAmhF90AwmA1hFjoF9XE5JFpMFDJFpMFDJFpMFDJFpMFDJFpMFG0FkMFH1BxiEH3FziFuWFziFD4F1kFX4FzYFRuBumAk0F9xA2yA04A53A11A55Ax4AmiEwwF9xAmiEk0F9zA4yAmpEk0F9wAmzEo2F9yEywAyxAw2Ay0AmjEi2F9lAyGEyyBwxA5wAxzAxmAw0F09B5mAzhFskFy9BhhFmhEi4Fl9BxmAjvFvrFplF9JEElBzEE4zAyzAymE5zAw4AmmF4kEjyBtyAywAi3By1Aj0ByjE5wAw1AhlBzBEUlBzEEx2Ay0A45A31A15AlzABSFUlBzEEx2Ay0A45A31A15AlzABTFlzAEBFMOFJfFNZFmqFliFM6FquFuaF2qEZMF2XFRJFIuFyyAIrFF4FBmBwyFl2FfmFt0Fz9Bw4EwlAyDEzzA34Ey4AwlAyDExyAwwA4yB4wAmwEylF2fFzsFv0FuhFtlFz9B1wA41AzzAy5A23AmuEyhFz9B0mAjvFyyFlsFh0FvyF9yA24Ax0AzwAw1A02Aw5AmmEytF9yAwmAw2F9xAmnEhfF2pFk9B00A25A1yA3uAx2Ay0A45A31A2wAmnEhfFzpFk9Bx2Ay0A45A31A2wAmnEhfFopFk9BxzAxxAw4A43A4zAmnEhfFmjF9wAm1Ef0F69BxyAwmA1fFopFz9BymA1fFqhF2hF9wAm1EfoF9xAywAwmA1fF39Bx2AwwAm1EfhFo9BxyAwwAm1EfhF39Bx2AwwAm1EfjFk9By0Am1EfuFwsF1nF9wAm1EfuFtpFtlF9wAmhEk4F9yAwwAmhEk5F9yA01A2mAipF39Bx2AwwAmiEpoF9xAywAwmAzjFyfF49BwmAzjFyfF59BwmAlpFk9BzxAw2Ax0AyxAmvEpkF9zAmwE2zFpkF9zA15AxwA03AywA54A20AwxA2mAlhFl9BwmAmjF9xA5yAwmAiyFkpFt9BwlAyDEwlAyDEwlAyDEwlAyDEx2AwwAlyADwBlyADxB2wAwlAyDExyAwwAlyADxB2wAwlAyDExyAwwAm2EpzF9xAmyEz6F9lA3DEl3ADzFl3ADmBhiFs9BOTFmmE19BxyA4mAijF9zAxmApmFp9B1mA1jFp9BhhB1mAi0F2pF9zAmmEziF9xAm4EwjF93EPwFYiF4VEuGFxmBw9Bo0F0wFzlBzBEvvAwvFz0FpuFklF4uBwwFu1EhmBk0Fk9BywATkzFARksFAQtjFVBM5ZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:25:59 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 113ms
34ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKDnAAA3pyFo0F0wFz6BvvAwvFz0FpuFklF4uBwwFu1EhvB+k2FoywAyxAtwA2tAx0AtxA16Az3AtyAywA0zA0tAyuAxyAyuAztAllFy1Aw4Ai3Bjp6FtxAywAsp3Fx2Ay0A45A31A15A5zA5BEjwtFuvFulFkqnFluFtVETBFLlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2wAx2AzyAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAw1A22A4zAxyAmjEpkF9xA1yAy3AyzA23AmzEp6Fl9B3yA44E5wAmjEi9BzwA01Ay0Az0Ax4AL2wFBLl1FC92iFuhF2pFnhF0vFyfF3lFikFypF2lFygBuvFfwFs1FnpFuzF/2xFsCylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0zF0vFyhFnlFpuFmvFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FylFx1FlzF0hFupFthF0pFvuFmyFhtFlgBjzFzfF3lFirFp0FgjEw1FfxBygAyhFtfF4gAthF4fFluFnpFulFf1FurFuvF3uFUkzFMBGCAAAAAwSaBaBABPBAAAAAAAABeXaAZIAAFAx8Ez8ExBEGAxwA35A54Ar++MAPAAAFAAeXaT++MASksF5EbAAAAAAAAAAAAEAAAeXaAAAAAAAIAy2AwxA2zAyxAJAzwA12A24AzxAyBEHA15A1yA3zA5BEGA3yA44E5wAJAx1AyyA3yAz2A3BEHA53A14Az2A2BEdsDAAAAYLAaBAFAAA++MAAAfBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AyzAw2A30Ax4A31AwvAxyAtJEXFFtJEPOFJRF1tAMlFhkFlyFivFhyFktB3yA44E5wAtLEl5F2pFz1FhsFvpEukFl4FuoE0tFsBFCATCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjF+/y/UA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:25:59 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 114ms
35ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKEoAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjF1hVNSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:25:59 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 37ms
36ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKFyDAA2rvFo0F0wFz6BvvAwvFz0FpuFklF4uBwwFu1EhBFLruFBLkqFFlqwFyyAw0Az0AL2vFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2wAx2AzyAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAw1A22A4zAxyAmjEpkF9xA1yAy3AyzA23AmzEp6Fl9B3yA44E5wAmjEi9BzwA01Ay0Az0Ax4AlqwFyyAw0Az0ALkmFBTkzFkQ4AAAAAwSAYAAAAEBAQAAAAAAaBAXAAAAEBARksFAQtjFfP9bSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:01 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:26:00 GMT

GET
H3-29 200 style.css
s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/css/ Frame AC88 1 KB
434 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca3510709a68b34b7a8d16d42f75b67c5a6a5b79c46c897799e3bfbc3e4b4f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9758366/1623067418750/12-IWE-IONIQ5-Leaderboard-728x90-Keyvisual/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 05:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 410
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 12:03:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 29 Jun 2021 05:11:16 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 35ms
35ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKGEYAALl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Ay0A45A31A15A5zA5rEqyFixF5lFnxFwBFTkzFPPrOAAZAwSAcAAAARksFAQtjFwqbPSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723340981828638&output=html&h=90&adk=3165841470&adf=1099587845&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624897559&rafmt=1&to=qs&pwprc=4267522293&psa=0&format=1200x90&url=https%3A%2F%2Fpostindex.pp.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624897559918&bpp=1&bdt=382&idt=0&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D83232f9308ff8dc2-220b725c42c9005a%3AT%3D1624897559%3ART%3D1624897559%3AS%3DALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA&prev_fmts=0x0%2C337x280%2C1200x280&prev_slotnames=5085332967&nras=4&correlator=2681430054609&frm=20&pv=1&ga_vid=4469527.1624897560&ga_sid=1624897560&ga_hid=1311088783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061421&oid=3&pvsid=3591047209864016&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wOpXb8UnFq&p=https%3A//postindex.pp.ua&dtd=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:02 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:26:01 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210624&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7f27ee0207be4d64b763c1482c410f8a3cc8500a50db7647c98093dba713797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Jun 2021 16:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8437
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 28 Jun 2021 16:26:03 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BFFC 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 28 Jun 2021 16:25:17 GMT
expires: Tue, 28 Jun 2022 16:25:17 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 46
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F538 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4e6ec3034c822f1ee3ba8cc7cd55682c0193e3aea2fd469404bb19476d43542

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hErRELkxzFbljwuTLC5a1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postindex.pp.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postindex.pp.ua/

Response headers

expires: Mon, 28 Jun 2021 16:26:03 GMT
date: Mon, 28 Jun 2021 16:26:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-hErRELkxzFbljwuTLC5a1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame BFFC 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 14:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 14:57:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210624&jk=3591047209864016&bg=!W1ilWBzNAAYo4NJEKOA7ACkAdvg8WmT3aKAQpFHnrH5lYvOfn8zYR4nBbMMohsmh3FgZ81_V4G78vwIAAAA6UgAAAAhoAQeZAn8EJ6gupPSg3L7CpGJS8poW3lFW2FoC5lhatrNDKa0C_tzzRHbbfAPtocoZx7nWu9nlg6UpbvnMZYKHN2hKDmQTtGHS6wZGPDDY3U4mToN5An46FPOVl1-bJ7O_-FMPsMiRD4IP-eSgeldoS8FOXKHc6eYybujn3i-_bPTTYdYwePsG6knesiwsWgBa7oANJJCyNekMhyDPWK-1pc-do0M_DQL4mKUtyeDVykDkxbhotn3bh-Y0j6w3MlQUmxVS4R_nvw5G22tfdQVEq3__CbSKGwMqnk1XgZ1tb7Z1MckRlBONJweoDTorF9eSEkuGxW89Tks0AlAhRBBw9y0XSfiMPvMvY05_8BHvPRZylxfIQ42Qj1OXTssKFB0yVBCCO3bhgt2VMQOGmWTlrbpfwVk4cDoJmcj7znZjouKCl9G2e6VPUe1f5W39IKnl9Xdqmyikz7Y3MQTG5YC3Pkzn1vyADVzPqIKQSfDiTUT312QBgb7JDRpMg3ezOtUpRIMCzxwpexLhtc83WZTaOEnvqF_pVAYDwGnmvohHP9z44szqwXGT-yHfeKO4_OeiJDFCsjp7vyavN5JVRJlCbMKGzP31hE9EcXrzyGsv-HO81jjVVKpkst3I2aCnQjIUx46k4TfHSOp9lFxyLxNhW7JReveCOyJJy-5DErm1GBieUwS9udTh--bnyJ4S_2RFKv4HX5xGaQXexVuaHm29MzYpKMBIdsX_lw_ZczsQVd2A6o-KQ2MjZk2jMTb0-01JG62MUIngskrADYhh87U4HptJ52DofqstDmPM11C5SlfhyDxarw7uELtLHjoc57C7EDJ7j_BhDjkkxx4V6c5UmebYE8M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postindex.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 36ms
35ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKHO7AAl2yFuvFfhFwpFTkzFARksFAQtjFXnRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:04 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:26:03 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 35ms
35ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKIUOBATkzFARksFAQtjFmvJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:05 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:26:04 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 35ms
35ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKJ+vBATkzFARksFAQtjF+vJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:07 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:26:06 GMT

GET
H/1.1 200
OK data
b94.s79.research.de.com/ Frame 29EE 43 B
308 B 37ms
35ms Image
image/gif 136.243.13.143
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b94.s79.research.de.com/data?/naXKKE/CATkzFARksFAQtjFLqJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h317.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Jun 2021 16:26:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 28-Jun-21 16:26:11 GMT

GET
H2 200 dc_oe=ChMImvH_jt-68QIVeYn9Bx393QPcEAAYACDv-81IQhMIxarujt-68QIVU17lCh0_Igdf;met=1;&timestamp=1624897573899;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 117A 42 B
254 B 62ms
60ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImvH_jt-68QIVeYn9Bx393QPcEAAYACDv-81IQhMIxarujt-68QIVU17lCh0_Igdf;met=1;&timestamp=1624897573899;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 16:26:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNn4GFAXR2k40DmpTQ3UAwAABMMAAAIB&google_push=AYg5qPL1zsON7I3oVx9B4cw0xVCppRF1VLTQ91P1ynDvEj1kXMFo0DLl5kyMEKpJVrBnKfra2aY3Q5Y3xpSSMh6LRKoQYWNoqcaJOw&google_cver=1&google_gid=CAESEAOTAI-J6T1qzn7l0gw-690

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:21:41	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:43:13	Name: IDE Value: AHWqTUlVH2Fa_jgfRo8FfSYQOURJWAy8T6iTtjH_BjA0J791KQSYa0YlSub3SsecjDA
.postindex.pp.ua/	1970-01-20 04:43:13	Name: __gads Value: ID=83232f9308ff8dc2-220b725c42c9005a:T=1624897559:RT=1624897559:S=ALNI_MYfjebLzjnnZ6jYLvWQIHn22HkExA
.postindex.pp.ua/	1970-01-19 19:21:37	Name: _gat_gtag_UA_109891918_2 Value: 1
.postindex.pp.ua/	1970-01-19 19:23:03	Name: _gid Value: GA1.3.165493029.1624897560
.postindex.pp.ua/	1970-01-20 12:52:49	Name: _ga Value: GA1.3.4469527.1624897560
postindex.pp.ua/	1970-01-19 19:21:39	Name: _pk_ses.3.37a6 Value: 1
postindex.pp.ua/	1970-01-20 04:47:32	Name: _pk_id.3.37a6 Value: be7c4eb0ee3310f1.1624897560.1.1624897560.1624897560.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99b883302bd98f9706b8ad4e90eab4888678e19fcc41d27018e072e0.trk.sensic.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
b94.s79.research.de.com
cm.g.doubleclick.net
cms.quantserve.com
dbg01.meetrics.net
de-config.sensic.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
postindex.pp.ua
rtb.openx.net
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
13.224.193.30
136.243.12.130
136.243.13.143
142.250.185.98
142.250.186.98
172.217.16.130
185.64.189.115
2.18.233.67
2.18.234.21
2600:9000:2104:b600:c:bbc8:bbc0:93a1
2606:4700:3034::ac43:d50b
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2003
2a00:1450:4001:803::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9c
2a05:d01c:1d8:8101:e336:1261:a63c:d3a0
35.227.252.103
35.244.174.68
37.252.172.37
69.173.144.138
88.99.148.145
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
04375719f9a1e969cd72d35316117f53930e97f96d99151d935624c5898b72e2
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
111d1afc0194f445c068eeaaf20d846dd55846af4fd006196bf97a2378476b8b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b91c36b26063bc99680a27c8d70f383cdf1ccbf5693d5d5173660d9c515b2a4
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22cad3b4a7e397764b1041b1daf63c76d4743f6841b90cb055ddb486b154b1c9
26372f65a85b8f07c1aa627ae67b9171bc812fdd56a71be95a61ec26669d3105
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3de03e9f44cf776c5db7dce532bcf76a2fc6b655688a65170c61633643628adc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5ab3f4291347dc223d975a32216fd3d5c885a2df39aa40ac4ddbece477a814
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
58d0a00b5975c6d7b9e6e447d98d946e42d15acd69039e4fabd2c6813a2ccca7
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
5c88ef58f814c5c0a7b95c04a269ea606a8a2fd01afb14c92f0c7d876df0c751
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
65c20b52a1f46542118c08ab8307d9deaf16eb6c5828853f0192907bd711e0cb
6861bebdee82054b05f5dba23174d623a42354bd85c8209897649f45e8bedb90
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858361d285ad5b0369469afc26ff28e975019a3b3a25ad4748e95178eae88192
894fe0d1b9879b716cac8c7de4bf144e55df39a6f1c08788020ccec6585ed852
8b7463cf1666589e13b782ab29952b529cc37a5dab383410b46bafa83294f977
8daac6680f3d511781a4d1fffc532d77f585c15c12c7f72049ef633aef8b3dc4
8de92a05bdcf334ea96543f3f415cda4ad5944dbc5a452000157f6c971340787
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
92d478fa522f110656747c8eb89ebf87f4eba615656373d067576afee889327c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d94f57ca12c6b11d3a5b925af53744199531d88805812b6c2ae023e984e159d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8c0cbc17cd81cfd2d07cf9fee9f33cfcd0daee7fc31ec3c3aefc4efdbaa9683
aa7f8eecf2446bf9cfffe2277b3a981a6894eaffec9454bc8f8cb2f1194dbb4b
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
b066a52e48447870d0de128069bc1a5dcb8d145374240151c906c2b6fa82edac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dc09052ae13658cd0b429ccfdc24b5329e7432dbac24dd780627aa7ef5bc0b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
b4e6ec3034c822f1ee3ba8cc7cd55682c0193e3aea2fd469404bb19476d43542
b7f27ee0207be4d64b763c1482c410f8a3cc8500a50db7647c98093dba713797
c08a3e23b4f64dc1ff288a6f637d68ddbdcdf2240848888f2082f4c4418550f4
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
c6e90479892ee907be90ba25e52f35ef671a95ab4b15199126b5a886c732330b
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
ca3510709a68b34b7a8d16d42f75b67c5a6a5b79c46c897799e3bfbc3e4b4f68
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584
d9211938b24251259e94d63dd35dfa577fc49032a8ea2fb3905c85616ec8203d
dc40519e22545b5835214128bd107a8304e66096bf086b37e326a3659bf3711e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3263288290ab93b30dbfc1b58638f10fcabcc71254c9e6f2d79ed96f5642555
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
e94a47162319f290123e325c50e21dfff19faa71158111decedb0e7ab84d86c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fdf3d1d9f515506f4c715f9273efb36338e9a80978011b412063699b336fc8d0

postindex.pp.ua Open in urlscan Pro 2606:4700:3034::ac43:d50b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

116 Requests

97 %HTTPS

59 %IPv6

24 Domains

34 Subdomains

30 IPs

4 Countries

1020 kBTransfer

2353 kBSize

8 Cookies

0 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

postindex.pp.ua Open in urlscan Pro
2606:4700:3034::ac43:d50b Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

97 %
HTTPS

59 %
IPv6

24
Domains

34
Subdomains

30
IPs

4
Countries

1020 kB
Transfer

2353 kB
Size

8
Cookies

116 HTTP transactions
1 data transactions