www.online.ua Open in urlscan Pro
104.18.9.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://online.ua/
Effective URL:
https://www.online.ua/
Submission: On March 23 via manual (March 23rd 2023, 3:34:18 pm UTC) from LT — Scanned from DE

Summary HTTP 154 Redirects Links 80 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 15 domains to perform 154 HTTP transactions. The main IP is 104.18.9.233, located in and belongs to CLOUDFLARENET, US. The main domain is www.online.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 2nd 2023. Valid for: a year.

This is the only time www.online.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 64	104.18.9.233 104.18.9.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
16	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
154	23

64 104.18.9.233 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

online.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.online.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.online.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
novyny.online.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	online.ua 2 redirects online.ua — Cisco Umbrella Rank: 846700 www.online.ua i.online.ua novyny.online.ua	412 KB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	403 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 70	124 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	225 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 68180 ls.hit.gemius.pl — Cisco Umbrella Rank: 13402	22 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	194 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2368	20 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8820 www.google.de — Cisco Umbrella Rank: 6058	939 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	233 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	122 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13126	9 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	600 B
154	15

	Domain	Requested by
41	i.online.ua	www.online.ua
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	novyny.online.ua	www.online.ua
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.online.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	3 redirects www.online.ua tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	gaua.hit.gemius.pl	1 redirects www.online.ua gaua.hit.gemius.pl
4	www.online.ua	www.online.ua
3	fonts.googleapis.com	i.online.ua googleads.g.doubleclick.net
2	www.facebook.com	www.online.ua
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.online.ua connect.facebook.net
2	www.googletagmanager.com	www.online.ua www.googletagmanager.com
2	images.dmca.com	www.online.ua
2	online.ua	2 redirects
1	www.google.de	www.online.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
154	25

This site contains links to these domains. Also see Links.

Domain
novyny.online.ua
special.online.ua
pogoda.online.ua
valuta.online.ua
blogs.online.ua
tv.online.ua
calendar.online.ua
pereklad.online.ua
www.uol.ua
map.online.ua
goroskop.online.ua
lady.online.ua
auto.online.ua
retsepty.online.ua
tosty.online.ua
statuses.online.ua
oboi.online.ua
sms.online.ua
color.online.ua
catalog.online.ua
calculator.online.ua
akkordy.online.ua
indeks.online.ua
vuz.online.ua
time.online.ua
avatar.online.ua
imena.online.ua
familii.online.ua
alcohol.online.ua
ogorod.online.ua
pdd.online.ua
primety.online.ua
sonnik.online.ua
klaviatura.online.ua
mail.online.ua
secure.online.ua
www.facebook.com
www.youtube.com
twitter.com
news.google.com
www.dmca.com
makoro.works

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-03-01`	a year	crt.sh
images.dmca.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.online.ua/
Frame ID: 51C1B9E04FF0884FE50C7E35212203BD
Requests: 92 HTTP requests in this frame

Frame: https://www.online.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679572800
Frame ID: 69A318B92566CFE99EFD3B2EDE17010B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/zrt_lookup.html
Frame ID: 00AC656086E7D8752F7752AAD020ACCB
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 5511BCB5843D9BB0952CB62DBB12FC63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&adk=1812271804&adf=3025194257&lmt=1679585653&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fwww.online.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652839&bpp=6&bdt=565&idt=516&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6713373365597&frm=20&pv=2&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=562
Frame ID: 71DDC5F5E5173F8BD3434D8170462518
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599
Frame ID: 9F742A7359E332949B26B57F66AADCDC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=1891960289&adf=2418895889&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652849&bpp=1&bdt=575&idt=611&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q6xfPSbQvB&p=https%3A//www.online.ua&dtd=615
Frame ID: 2BAF7C0E71E5C02C0BDD4648D563C1B4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=7374665202&adk=2175145819&adf=2875120685&pi=t.ma~as.7374665202&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652850&bpp=1&bdt=576&idt=619&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=1590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fw1EcXSEQZ&p=https%3A//www.online.ua&dtd=625
Frame ID: 187D94783896DF27BFAB7CCC16D719B4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=1815276835&adk=552477479&adf=1006047998&pi=t.ma~as.1815276835&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652851&bpp=1&bdt=577&idt=629&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600%2C316x250&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=BPyHu0xNlK&p=https%3A//www.online.ua&dtd=645
Frame ID: DCFA2FC5E0686E7200215071BBDEAC18
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AC6CDD4B7E605D23DA675264AED96058
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7611B048D20217F4EA3CE0428341C084
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 400C78A9297023048CA46424C7B4A200
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AFA7E257D77D86B7D23B2DCAA6324E25
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
Frame ID: 0D24FCF06F2D486D6E046512291ECAC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
Frame ID: B9E0F26B97899BD377051C49733458E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87334EDFD32A00232283A073D112B8BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 782170A99F26D5E622A18AC35C80A487
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України та світу сьогодні. Головні та останні новини онлайн - ONLINE.UA

Page URL History Show full URLs

http://online.ua/ HTTP 301
https://online.ua/ HTTP 301
https://www.online.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

154
Requests

99 %
HTTPS

82 %
IPv6

15
Domains

25
Subdomains

23
IPs

6
Countries

1673 kB
Transfer

4029 kB
Size

18
Cookies

80 Outgoing links

These are links going to different origins than the main page.

URL: https://novyny.online.ua/
Title: Новини

Search URL Search Domain Scan URL

URL: https://special.online.ua/
Title: Спецпроєкти

Search URL Search Domain Scan URL

URL: https://pogoda.online.ua/ukr/
Title: ПОГОДА

Search URL Search Domain Scan URL

URL: https://valuta.online.ua/ukr/
Title: Курси валют

Search URL Search Domain Scan URL

URL: https://blogs.online.ua/ukr/
Title: БЛОГИ

Search URL Search Domain Scan URL

URL: https://tv.online.ua/ukr/
Title: Телепрограма

Search URL Search Domain Scan URL

URL: https://calendar.online.ua/ukr/
Title: 23 березня,

Search URL Search Domain Scan URL

URL: https://valuta.online.ua/ukr/benzin/
Title: Ціни на бензин

Search URL Search Domain Scan URL

URL: https://tv.online.ua//ukr/
Title: Телепрограма

Search URL Search Domain Scan URL

URL: https://pereklad.online.ua/ukr/
Title: Перекладач

Search URL Search Domain Scan URL

URL: http://www.uol.ua/ukr/
Title: Українці онлайн

Search URL Search Domain Scan URL

URL: https://map.online.ua/ukr/
Title: Карта Києва

Search URL Search Domain Scan URL

URL: https://goroskop.online.ua/common/2021/
Title: Гороскопи

Search URL Search Domain Scan URL

URL: https://lady.online.ua/ukr/
Title: Жіночий журнал

Search URL Search Domain Scan URL

URL: https://auto.online.ua/ukr/
Title: Автомобілі

Search URL Search Domain Scan URL

URL: https://retsepty.online.ua/ukr/
Title: Рецепти

Search URL Search Domain Scan URL

URL: https://tosty.online.ua/ukr/
Title: Тости

Search URL Search Domain Scan URL

URL: https://statuses.online.ua/ukr/
Title: Статуси

Search URL Search Domain Scan URL

URL: https://oboi.online.ua/ukr/
Title: Шпалери

Search URL Search Domain Scan URL

URL: https://sms.online.ua/ukr/
Title: СМС поздоровлення

Search URL Search Domain Scan URL

URL: https://color.online.ua/ukr/
Title: Кольори

Search URL Search Domain Scan URL

URL: https://catalog.online.ua/ukr/
Title: Каталог сайтів

Search URL Search Domain Scan URL

URL: https://calculator.online.ua/ukr/
Title: Калькулятори

Search URL Search Domain Scan URL

URL: https://akkordy.online.ua/ukr/
Title: Акорди

Search URL Search Domain Scan URL

URL: https://indeks.online.ua/ukr/ukraine/
Title: Поштові індекси

Search URL Search Domain Scan URL

URL: https://vuz.online.ua/ukr/
Title: ВНЗи

Search URL Search Domain Scan URL

URL: https://time.online.ua/ukr/
Title: Час

Search URL Search Domain Scan URL

URL: https://avatar.online.ua/ukr/
Title: Аватари

Search URL Search Domain Scan URL

URL: https://imena.online.ua/ukr/
Title: Значення імен

Search URL Search Domain Scan URL

URL: https://familii.online.ua/ukr/
Title: Значення прізвищ

Search URL Search Domain Scan URL

URL: https://alcohol.online.ua/ukr/
Title: Алкоголь

Search URL Search Domain Scan URL

URL: https://ogorod.online.ua/ukr/
Title: Город

Search URL Search Domain Scan URL

URL: https://pdd.online.ua/ukr/pravila-dorozhnogo-dvizheniya-ukrayiny/
Title: ПДР

Search URL Search Domain Scan URL

URL: https://primety.online.ua/ukr/
Title: Прикмети

Search URL Search Domain Scan URL

URL: https://sonnik.online.ua/ukr/
Title: Сонник

Search URL Search Domain Scan URL

URL: https://klaviatura.online.ua/ukr/
Title: Клавіатура

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/ugorshchina-ne-zbiraetsya-zaareshtovuvati-putina-za-orderom-mks_n855549/
Title: 17:18 Угорщина не збирається заарештовувати Путіна за ордером МКС

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/armiya-rf-kozhnogo-misyatsya-vtrachae-do-25-tis-viyskovih-v-ukrayini-radnik-zaluzhnogo_n855548/
Title: 17:02 Армія РФ кожного місяця втрачає до 25 тис військових в Україні — радник Залужного

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/finlyandiya-peredae-ukrayini-3-tanki-leopard-2-v-ramkah-novogo-paketu-dopomogi_n855547/
Title: 16:52 Фінляндія передає Україні 3 танки Leopard 2 в рамках нового пакету допомоги

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/v-zsu-rozkrili-strategiyu-shchodo-zvilnennya-krimu_n855546/
Title: 16:37 В ЗСУ розкрили стратегію щодо звільнення Криму

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/ukrayina-otrimala-pershi-4-vinishchuvachi-mig-29-vid-slovachchini_n855544/
Title: 16:16 Україна отримала перші 4 винищувачі МіГ-29 від Словаччини

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/islandiya-viznala-golodomor-genotsidom-ukrayinskogo-narodu_n855543/
Title: 16:00 Ісландія визнала Голодомор геноцидом українського народу

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/u-gur-sprognozuvali-termini-viyni-i-napryamok-novogo-nastupu-armiyi-rf_n855542/
Title: 15:44 У ГУР спрогнозували терміни війни і напрямок нового наступу армії РФ

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/telekanal-minoboroni-armiya-tb-pochinae-suputnikove-movlennya_n855541/
Title: 15:21 Телеканал Міноборони Армія ТБ починає супутникове мовлення

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/zsu-vidbivayut-ataki-armiyi-rf-v-rayonah-avdiyivki-ta-maryinki-general-tarnavskiy_n855540/
Title: 15:05 ЗСУ відбивають атаки армії РФ в районах Авдіївки та Мар'їнки — генерал Тарнавський

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/ugorshchina-blokuvatime-ruh-ukrayini-do-es-cherez-zakon-pro-osvitu_n855538/
Title: 14:43 Угорщина блокуватиме рух України до ЄС через закон про освіту

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/v-rf-stalas-masshtabna-pozhezha-na-zavodi-iz-virobnitstva-dviguniv-dlya-yadernih-raket_n855539/
Title: 14:28 В РФ сталась масштабна пожежа на заводі із виробництва двигунів для ядерних ракет

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/armiya-rf-vzhe-provalila-velikiy-nastup-gur_n855537/
Title: 14:10 Армія РФ вже провалила великий наступ — ГУР

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/chehiya-posilila-zaboronu-na-vidachu-viz-rosiyanam-ta-bilorusam_n855536/
Title: 13:52 Чехія посилила заборону на видачу віз росіянам та білорусам

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/ukrayina-prosit-finlyandiyu-nadati-vinishchuvachi-f-18-hornet_n855534/
Title: 13:36 Україна просить Фінляндію надати винищувачі F-18 Hornet

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/bafta-tv-awards-2023-4-proekti-pro-viynu-v-ukrayini-nominovani-na-premiyu_n855533/
Title: 13:13 BAFTA TV Awards-2023: 4 проєкти про війну в Україні номіновані на премію

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/prigozhin-vidreaguvav-na-informatsiyu-pro-nablizhennya-porazki-pvk-vagnera-u-bahmuti_n855532/
Title: 12:55 Пригожин відреагував на інформацію про наближення поразки ПВК Вагнера у Бахмуті

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/armiya-rf-styague-u-zonu-boyovih-diy-stari-radyanski-tanki-suputnikovi-znimki_n855531/
Title: 12:35 Армія РФ стягує у зону бойових дій старі радянські танки — супутникові знімки

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/v-hersonskiy-ova-pokazali-naslidki-udaru-rf-po-likarni-v-hersoni-video_n855530/
Title: 12:10 В Херсонській ОВА показали наслідки удару РФ по лікарні в Херсоні — відео

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/e-zagibli-vnaslidok-nichnogo-udaru-po-avdiyivtsi-donetska-ova_n855528/
Title: 11:42 Є загиблі внаслідок нічного удару по Авдіївці — Донецька ОВА

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/vagnerivtsiv-vzhe-ne-vistachae-dlya-podalshogo-shturmu-bahmutu-ekspert-oleksandr-kovalenko_n855527/
Title: 11:10 Вагнерівців вже не вистачає для подальшого штурму Бахмуту — експерт Олександр Коваленко

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/armiya-rf-mozhe-rozpochati-nastup-na-novih-napryamkah-analitiki-isw_n855526/
Title: 10:45 Армія РФ може розпочати наступ на нових напрямках — аналітики ISW

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/cherez-vibuh-u-dzhankoyi-v-armiyi-rf-mig-viniknuti-defitsit-raket-kalibr_n855524/
Title: 10:28 Через вибух у Джанкої в армії РФ міг виникнути дефіцит ракет Калібр

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/si-tszinpin-ne-gotoviy-nadavati-putinu-pidtrimku-dlya-viyni-proti-ukrayini-isw_n855416/
Title: 10:10 Сі Цзіньпін не готовий надавати Путіну підтримку для війни проти України — ISW

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/u-britanskiy-rozvidtsi-rozpovili-pro-odin-z-napryamkiv-maybutnogo-kontrnastupu-zsu_n855525/
Title: 09:56 У британській розвідці розповіли про один з напрямків майбутнього контрнаступу ЗСУ

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/zsu-skoristayutsya-visnazhennyam-vagnerivtsiv-pid-bahmutom-komanduvach-suhoputnih-viysk-zsu_n855523/
Title: 09:38 ЗСУ скористаються виснаженням вагнерівців під Бахмутом — командувач Сухопутних військ ЗСУ

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/velika-britaniya-peredast-ukrayini-bronebiyni-snaryadi-zi-zbidnenim-uranom_n855436/
Title: 09:22 Велика Британія передасть Україні бронебійні снаряди зі збідненим ураном

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/u-gur-rozpovili-skilki-raket-ta-shahediv-zalishilosya-u-rosiyan_n855522/
Title: 09:12 У ГУР розповіли скільки ракет та шахедів залишилося у росіян

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/oprilyudnene-video-ataki-bezpilotnikiv-na-sevastopolsku-buhtu_n855521/
Title: 09:02 Оприлюднене відео атаки безпілотників на Севастопольську бухту

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/zsu-vidbili-83-ataki-i-likviduvali-bilshe-600-soldativ-rf-zvedennya-genshtabu_n855520/
Title: 08:53 ЗСУ відбили 83 атаки і ліквідували більше 600 солдатів РФ — зведення Генштабу

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/zsu-provodyat-kontrataki-v-bahmuti-ta-vidbivayut-sprobi-armiyi-rf-otochiti-avdiyivku-analitiki-isw_n855519/
Title: 08:35 ЗСУ проводять контратаки в Бахмуті та відбивають спроби армії РФ оточити Авдіївку — аналітики ISW

Search URL Search Domain Scan URL

URL: https://mail.online.ua/
Title: Пошта

Search URL Search Domain Scan URL

URL: https://secure.online.ua/recovery/?refMod=1
Title: Забули пароль?

Search URL Search Domain Scan URL

URL: https://secure.online.ua/registration/?refMod=1
Title: Реєстрація

Search URL Search Domain Scan URL

URL: https://blogs.online.ua/ukr
Title: Блоги

Search URL Search Domain Scan URL

URL: https://blogs.online.ua/ukr/gonchar-pivnichni-potoki-shcho-lishaetsya-poza-uvagoyu-zhurnalistiv-rozsliduvachiv_n1174/
Title: Північні потоки: що лишається поза увагою журналістів-розслідувачів Михайло Гончар

Search URL Search Domain Scan URL

URL: https://blogs.online.ua/ukr/chapligina-pochemu-zelenskiy-ne-nadel-kostyum-na-vstrechu-s-baydenom_n1173/
Title: Почему Зеленский не надел костюм на встречу с Байденом? Анна Чаплыгина

Search URL Search Domain Scan URL

URL: https://blogs.online.ua/ukr/vitaliy_lunyov-chomu-vinikayut-osad-ta-toksichnist-u-stosunkah_n1172/
Title: Чому виникають осад та токсичність у стосунках? Віталій Луньов

Search URL Search Domain Scan URL

URL: https://www.facebook.com/online.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCKtlV6hrFRatR-K8oKY3Glg

Search URL Search Domain Scan URL

URL: https://twitter.com/online_ua

Search URL Search Domain Scan URL

URL: https://novyny.online.ua/rss/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMI7roQsw1vW5Aw?ceid=UA:uk&oc=3

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=3ad0c3a5-ae24-4d7f-8771-8cf3b90843f6&refurl=https://www.online.ua/

Search URL Search Domain Scan URL

URL: https://makoro.works/
Title: Design andDevelopment

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://online.ua/ HTTP 301
https://online.ua/ HTTP 301
https://www.online.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://gaua.hit.gemius.pl/_1679585653435/rexdot.js?l=100&sendf=24&id=AqTqxmNpY7wZuibduISs3pdQj1NU0abYGy_OUOR4Zp7.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.online.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=RO9mllxQDEr6LQD8gCeuCfGtzhCsyKQuxF4Syfk46gX.f7PqIqGMEpM5g3gzQ6zD_CMXFFfTQ9WO4ITHMPjCczslu8ib/_AwWk2xBAFxnz/&fpdata=Id9wWX55tr.FyTcmI78NDmT4RuxqG_b5mIzmcmGkPOf.l7&ltime=538&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641c71743530365b&brts=1679585653&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1679585653435/rexdot.js?l=100&sendf=24&id=AqTqxmNpY7wZuibduISs3pdQj1NU0abYGy_OUOR4Zp7.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.online.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=RO9mllxQDEr6LQD8gCeuCfGtzhCsyKQuxF4Syfk46gX.f7PqIqGMEpM5g3gzQ6zD_CMXFFfTQ9WO4ITHMPjCczslu8ib/_AwWk2xBAFxnz/&fpdata=Id9wWX55tr.FyTcmI78NDmT4RuxqG_b5mIzmcmGkPOf.l7&ltime=538&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641c71743530365b&brts=1679585653&fpcap=

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

154 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.online.ua/
Redirect Chain

http://online.ua/
https://online.ua/
https://www.online.ua/

151 KB
32 KB

601ms
567ms

Document
text/html

104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e3d37ae58a169cb364d45951c5b8b3f0ec19ffc8b038341e475c3b824c19a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ac7bcb34a739211-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 23 Mar 2023 15:34:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7ac7bcb279a89211-FRA
content-type: text/html; charset=utf-8
date: Thu, 23 Mar 2023 15:34:11 GMT
location: https://www.online.ua/
server: cloudflare

GET
H2 200 index.e65cf100892941eff8f0.min.css
i.online.ua/www/css/m/ 195 KB
31 KB 71ms
59ms Stylesheet
text/css 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.online.ua/www/css/m/index.e65cf100892941eff8f0.min.css
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e284fa910cf21adb590d45fb4466e5aea71f1473ff509bde21629e2a465a0f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Feb 2022 16:42:55 GMT
server: cloudflare
age: 5739692
etag: W/"61fab48f-736d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ac7bcb70edd9211-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.svg
i.online.ua//styles/new/img/ 3 KB
1 KB 68ms
56ms Image
image/svg+xml 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua//styles/new/img/logo.svg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e0816a9312b7dc1931f83f4c0bec95f1d5ed28046436ba82c3ecabb724a8f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2018 08:59:03 GMT
server: cloudflare
age: 1186940
etag: W/"5a548457-b0e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ac7bcb70ee09211-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10ccc1e5914798c19faa2ef01db60056onlineua-25.png
i.online.ua/www/icons/ 663 B
782 B 63ms
63ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/10ccc1e5914798c19faa2ef01db60056onlineua-25.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f57c90c234367849b6417839a1668837cab5630827286e885f63dba278b402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:01:44 GMT
server: cloudflare
age: 26167899
etag: "57a46408-297"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8690d9211-FRA
content-length: 663
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ed2ca8385205794b630af85c22de39f1onlineua_forcast.png
i.online.ua/www/icons/ 547 B
652 B 62ms
55ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/ed2ca8385205794b630af85c22de39f1onlineua_forcast.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6650729a4866f5478e6bda54c2cd2b28a0ec781c4ccd3bcb3105c0d1b5c1ce18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:10:17 GMT
server: cloudflare
age: 26079279
etag: "57a46609-223"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8690f9211-FRA
content-length: 547
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b7f709e6d84db884a20b2f0c8b9bdb45onlineua-24.png
i.online.ua/www/icons/ 611 B
715 B 65ms
58ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/b7f709e6d84db884a20b2f0c8b9bdb45onlineua-24.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fbdc6512ee9aaf769c2dca79c49320feed7bb5ca71e1bff815555039756445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:10:42 GMT
server: cloudflare
age: 26163416
etag: "57a46622-263"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb869109211-FRA
content-length: 611
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 53160fb137935e87b4e8ceeb73a08397onlineua_translator.png
i.online.ua/www/icons/ 527 B
641 B 66ms
58ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/53160fb137935e87b4e8ceeb73a08397onlineua_translator.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1931393a287d265012b3b5cb16477376cd919eb90afa83b4b89ec3aacaf24aec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:10:07 GMT
server: cloudflare
age: 23801104
etag: "57a465ff-20f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb869119211-FRA
content-length: 527
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3361f67733dcd0b31fd2bf09ebddb541video.png
i.online.ua/www/icons/ 558 B
662 B 64ms
57ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/3361f67733dcd0b31fd2bf09ebddb541video.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b8bbe38e7c3c1bc98f8754ff3eaa87a9db0b5e206bd6760b88f1bb74a345d26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Jul 2018 16:05:13 GMT
server: cloudflare
age: 5740631
etag: "5b48cdb9-22e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb869139211-FRA
content-length: 558
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 408cdddacf32d42337fc36f490a9ce48onlineua_pr.png
i.online.ua/www/icons/ 478 B
619 B 66ms
59ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/408cdddacf32d42337fc36f490a9ce48onlineua_pr.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf748072234bcc2e91400cca30db9c14c31fa037c7b7c4671ff9088e81f545c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:11:04 GMT
server: cloudflare
age: 26164969
etag: "57a46638-1de"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb869159211-FRA
content-length: 478
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 326f028a6c62992206ad3fc7b2065393b726b79a922987d3146e81af132f2c97onlineua-22.png
i.online.ua/www/icons/ 647 B
745 B 97ms
94ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/326f028a6c62992206ad3fc7b2065393b726b79a922987d3146e81af132f2c97onlineua-22.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f430ca8240c77e75e6e9704ba531f12dfdb6d1d696541e5f2b6a9a10eaaac9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Jul 2020 10:54:15 GMT
server: cloudflare
age: 26166916
etag: "5f0848d7-287"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9879211-FRA
content-length: 647
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 575530c360ac2fa6e0ef93088195d9cdonlineua_tvprogramm.png
i.online.ua/www/icons/ 563 B
666 B 97ms
94ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/575530c360ac2fa6e0ef93088195d9cdonlineua_tvprogramm.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb133a1c6bafa765af23a02f78b30c1dcaecc985ff28ce3b6d8019ad879ca017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:11:26 GMT
server: cloudflare
age: 21429698
etag: "57a4664e-233"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9959211-FRA
content-length: 563
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8de7fbd1b6d6cb9ee0bedb384c28ede8onlineua_uol.png
i.online.ua/www/icons/ 393 B
499 B 96ms
93ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/8de7fbd1b6d6cb9ee0bedb384c28ede8onlineua_uol.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b69cd08f24c6f5fccaf06e66b8fe3ff20a56796222dbca46ec4f47f6ff0cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:29:02 GMT
server: cloudflare
age: 26164983
etag: "57a46a6e-189"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9949211-FRA
content-length: 393
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5a3180b3c770a8446409a16a14f18b79onlineua_kievmap.png
i.online.ua/www/icons/ 643 B
758 B 97ms
95ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/5a3180b3c770a8446409a16a14f18b79onlineua_kievmap.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7697d50fd27aa61fa0b27ff7a3bd40974ffc79bee46b9334301d279f4c1f01e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:25:49 GMT
server: cloudflare
age: 4112077
etag: "57a469ad-283"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9939211-FRA
content-length: 643
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 33ca13fff3d0ef5eb7f6e2ee42ebe249onlineua_horoscope.png
i.online.ua/www/icons/ 600 B
706 B 83ms
80ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/33ca13fff3d0ef5eb7f6e2ee42ebe249onlineua_horoscope.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a101bfe80ed55fff9ea504f933123638de2fc91d719ecf775d8803de7be7303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:28:19 GMT
server: cloudflare
age: 4112077
etag: "57a46a43-258"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8a9719211-FRA
content-length: 600
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 470f5171685d2007c61ffa691265dc74onlineua_womanjournal.png
i.online.ua/www/icons/ 511 B
617 B 96ms
93ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/470f5171685d2007c61ffa691265dc74onlineua_womanjournal.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee83c35af58bef3af64aa9154281b8ca88fb5655ea0f1751c84dd3364cf2d14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:29:27 GMT
server: cloudflare
age: 11485211
etag: "57a46a87-1ff"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b98d9211-FRA
content-length: 511
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bcc7131ac512d132b7a11cf5133f41a5onlineua_cars.png
i.online.ua/www/icons/ 562 B
668 B 84ms
81ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/bcc7131ac512d132b7a11cf5133f41a5onlineua_cars.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ca7af8780cd8509a0dac913c0e56ddbf34d75b94180a66ec2d439ceec6c284e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:30:40 GMT
server: cloudflare
age: 4112077
etag: "57a46ad0-232"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8a9709211-FRA
content-length: 562
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4800456140af0e8d30024b51264197abonlineua_recipes.png
i.online.ua/www/icons/ 551 B
656 B 95ms
92ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/4800456140af0e8d30024b51264197abonlineua_recipes.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba521ad256cdab8a67d213d3ac718b7eacc8c2362fc17c39b39e4cfe9edc09fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:32:05 GMT
server: cloudflare
age: 23801104
etag: "57a46b25-227"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9869211-FRA
content-length: 551
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e9657337139381e5536700af180f7637onlineua_cheers.png
i.online.ua/www/icons/ 699 B
839 B 98ms
95ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/e9657337139381e5536700af180f7637onlineua_cheers.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc06fce25554bca4331ea7e89a9aed20e0fba5cedb3f28854389f5422146cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:32:36 GMT
server: cloudflare
age: 5740629
etag: "57a46b44-2bb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9909211-FRA
content-length: 699
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4a4a0cf8511f49c74ed797bbdfd15c6donlineua_statuses.png
i.online.ua/www/icons/ 652 B
750 B 96ms
93ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/4a4a0cf8511f49c74ed797bbdfd15c6donlineua_statuses.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6efa2f7cf1d7a54e0099d06c3652ea2211492c718f068bffe08b558945a446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:34:44 GMT
server: cloudflare
age: 23801104
etag: "57a46bc4-28c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b99a9211-FRA
content-length: 652
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bf07cff7ba0754dbfe76345fadefeb0bonlineua-26.png
i.online.ua/www/icons/ 474 B
579 B 96ms
93ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/bf07cff7ba0754dbfe76345fadefeb0bonlineua-26.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1637a5965d36fa3203572658b276ccebf984349c743efb412ac654fd5ae92fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:34:08 GMT
server: cloudflare
age: 26162423
etag: "57a46ba0-1da"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9899211-FRA
content-length: 474
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a1c9d2e2230b67eaa7148cb253705149onlineua_sms.png
i.online.ua/www/icons/ 589 B
749 B 83ms
80ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/a1c9d2e2230b67eaa7148cb253705149onlineua_sms.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce05c89afbb83a529a92949b8725bf4afc7f73a567ae43e458ac3c3014bb4b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:34:58 GMT
server: cloudflare
age: 26165112
etag: "57a46bd2-24d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8a9609211-FRA
content-length: 589
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c75004e64c8466a8ed376f2c281cba5bonlineua_colors.png
i.online.ua/www/icons/ 698 B
810 B 96ms
94ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/c75004e64c8466a8ed376f2c281cba5bonlineua_colors.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6743cf6d78a4ecffab61d514765fb39e22b7c34484585bc38802892a6b7eb370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:35:39 GMT
server: cloudflare
age: 26166916
etag: "57a46bfb-2ba"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b99b9211-FRA
content-length: 698
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b726b79a922987d3146e81af132f2c97onlineua-22.png
i.online.ua/www/icons/ 647 B
761 B 97ms
94ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/b726b79a922987d3146e81af132f2c97onlineua-22.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f430ca8240c77e75e6e9704ba531f12dfdb6d1d696541e5f2b6a9a10eaaac9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:37:27 GMT
server: cloudflare
age: 26088657
etag: "57a46c67-287"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9969211-FRA
content-length: 647
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e47d6e17963968807a78a2e32064c84bonlineua_calendar.png
i.online.ua/www/icons/ 525 B
684 B 96ms
93ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/e47d6e17963968807a78a2e32064c84bonlineua_calendar.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9211c1981526b189ec7d7b71325385379bb3aa3c0cee10d53d21bb93f58c3aec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:37:45 GMT
server: cloudflare
age: 25996674
etag: "57a46c79-20d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9839211-FRA
content-length: 525
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f61c3dd94b0ea934853211a4364d4cc1onlineua_calculator.png
i.online.ua/www/icons/ 472 B
571 B 95ms
92ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/f61c3dd94b0ea934853211a4364d4cc1onlineua_calculator.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1175a85e9f2cda2585e0930e805b1ef75ac8b8cb07119fe0affa4871bee0bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:38:06 GMT
server: cloudflare
age: 26079278
etag: "57a46c8e-1d8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9859211-FRA
content-length: 472
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 931d7e0b38cc89760601bcfc13c74984onlineua_accords.png
i.online.ua/www/icons/ 545 B
651 B 97ms
94ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/931d7e0b38cc89760601bcfc13c74984onlineua_accords.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23a0b4a8f5fcb80641630d149bd51effe0a59f559fb4409e384a1268c2b9a3e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:41:15 GMT
server: cloudflare
age: 26000446
etag: "57a46d4b-221"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b9989211-FRA
content-length: 545
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b055c26ae36ab4da836be8f9b7e9dbf3onlineua_zipcodes.png
i.online.ua/www/icons/ 709 B
811 B 95ms
92ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/b055c26ae36ab4da836be8f9b7e9dbf3onlineua_zipcodes.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 916f8c85a587cf1f9156dcb11423f7101dd57794c927170690a72332be73fcb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 13:54:05 GMT
server: cloudflare
age: 4112077
etag: "57a49a7d-2c5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b98a9211-FRA
content-length: 709
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e72d49e56c4cc8026f35cb6901751df3onlineua_universities.png
i.online.ua/www/icons/ 623 B
731 B 84ms
80ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/e72d49e56c4cc8026f35cb6901751df3onlineua_universities.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc8ffeddf87250354ca8e272bb91b963793a3367657b9f979a1d66d8dbd2e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:43:06 GMT
server: cloudflare
age: 26079278
etag: "57a46dba-26f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8a9639211-FRA
content-length: 623
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 46891b664c559b84b098af443f42ea57onlineua_time.png
i.online.ua/www/icons/ 563 B
703 B 94ms
91ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/46891b664c559b84b098af443f42ea57onlineua_time.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71c532db10b76ccb2c46aff6f955b63b15b6b554a14440838d273065a7423f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:43:45 GMT
server: cloudflare
age: 26167898
etag: "57a46de1-233"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb8b98b9211-FRA
content-length: 563
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3436f06596fe08b25f3bb09d6df725bconlineua_avatars.png
i.online.ua/www/icons/ 487 B
591 B 54ms
54ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/3436f06596fe08b25f3bb09d6df725bconlineua_avatars.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3caee5a64e4b2fde3ac5c549fadd1a03ed69bdda4a0ae26c671cbccdfaac6f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:44:39 GMT
server: cloudflare
age: 5740626
etag: "57a46e17-1e7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb94a2f9211-FRA
content-length: 487
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 963df26a0ce9a7d327afd49814b22d39onlineua_names.png
i.online.ua/www/icons/ 593 B
700 B 66ms
66ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/963df26a0ce9a7d327afd49814b22d39onlineua_names.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d30395802a25abbd41c5694d6b8543b5fe81cb2d792380aa88a6ed23ef514b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 13:28:55 GMT
server: cloudflare
age: 26164968
etag: "57a49497-251"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb96a559211-FRA
content-length: 593
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0ed4e56bc0a77cbddc0d70ea193a9204onlineua_surnames.png
i.online.ua/www/icons/ 673 B
779 B 53ms
52ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/0ed4e56bc0a77cbddc0d70ea193a9204onlineua_surnames.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9768f389ad9cad9ba8ef46dac02a75efe3c3b5d88daf0c8d0dd80207435dff97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:45:30 GMT
server: cloudflare
age: 26167366
etag: "57a46e4a-2a1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb98a879211-FRA
content-length: 673
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3deede5b0f4af30ddc6fab6e562f39a0onlineua_alcohol.png
i.online.ua/www/icons/ 610 B
720 B 53ms
52ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/3deede5b0f4af30ddc6fab6e562f39a0onlineua_alcohol.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662cb46f293e044955ce8aa4d03ca7288773ee2973cd71bb779baea998319c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:45:44 GMT
server: cloudflare
age: 12748573
etag: "57a46e58-262"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb99a929211-FRA
content-length: 610
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c1905026777624aafcd7d65798db8e5aonlineua_ochard.png
i.online.ua/www/icons/ 636 B
742 B 74ms
73ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/c1905026777624aafcd7d65798db8e5aonlineua_ochard.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b925527751b9fbdfd3cc518aef10befacfd044867b52cfd108dd426e100096d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:45:54 GMT
server: cloudflare
age: 26167366
etag: "57a46e62-27c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb99a949211-FRA
content-length: 636
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 382a6272759c118995b3ccafce032f57onlineua_pdd.png
i.online.ua/www/icons/ 603 B
709 B 68ms
65ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/382a6272759c118995b3ccafce032f57onlineua_pdd.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 093cd662c1b934ab8cf90fca6a082fcfe78391fbaa671a2cfa4f51615d2c7a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:46:07 GMT
server: cloudflare
age: 26165112
etag: "57a46e6f-25b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb9aaa29211-FRA
content-length: 603
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e9110d7e30db29dd6adecfa9d25f35b6onlineua_signs.png
i.online.ua/www/icons/ 726 B
832 B 67ms
64ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/e9110d7e30db29dd6adecfa9d25f35b6onlineua_signs.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 746f342dc178b1eb6ff555a612735e9daf108cd68a9d5cb3150a83de5b541ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:46:30 GMT
server: cloudflare
age: 23801104
etag: "57a46e86-2d6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb9aaa49211-FRA
content-length: 726
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b292b017eb7e383f631a6a45381e4d5conlineua_bookofdreams.png
i.online.ua/www/icons/ 639 B
754 B 55ms
53ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/b292b017eb7e383f631a6a45381e4d5conlineua_bookofdreams.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a018d7e8456ea982cf0749a6e6e5acf5b425330f38c9dcc2031b4db2cbbae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2016 10:47:07 GMT
server: cloudflare
age: 26166915
etag: "57a46eab-27f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb9eae39211-FRA
content-length: 639
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7be7decfd16cce61d888c9162e96feb2keyboard_keyboard.png
i.online.ua/www/icons/ 407 B
548 B 55ms
54ms Image
image/png 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/www/icons/7be7decfd16cce61d888c9162e96feb2keyboard_keyboard.png
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5559440699e21088bf13c4737525dcc177bb412fcbd9f34213117ae1415e400e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2016 17:05:51 GMT
server: cloudflare
age: 17053965
etag: "583f06ef-197"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcb9eae69211-FRA
content-length: 407
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 680_641c5fe95028a.jpg
novyny.online.ua/proxy/news/r3-c8d58ac4f2/ 46 KB
46 KB 71ms
52ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r3-c8d58ac4f2/680_641c5fe95028a.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67e6addb210c37446834b2edb58cc10978872266b04d10fd7398818385796bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 23 Mar 2023 14:54:37 GMT
server: cloudflare
age: 2375
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb879309211-FRA
content-length: 47256
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 680_641c643781950.jpg
novyny.online.ua/proxy/news/r2-14d4600069/ 56 KB
56 KB 86ms
67ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-14d4600069/680_641c643781950.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95393acf6c8dc64c99e33039610ec486a143f7caa1da005d187e93af34f6c88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 23 Mar 2023 15:28:37 GMT
server: cloudflare
age: 335
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb879339211-FRA
content-length: 57246
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 680_641c5c1808698.jpg
novyny.online.ua/proxy/news/r2-c6727de8f6/ 66 KB
66 KB 103ms
84ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-c6727de8f6/680_641c5c1808698.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e61fc0bafd1576ba8cca2e9593d4c7391160bc99ee9dc130305d04e3c8a887a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 23 Mar 2023 14:22:16 GMT
server: cloudflare
age: 4316
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb879329211-FRA
content-length: 67788
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 680_641c673f305f7.jpg
novyny.online.ua/proxy/news/r2-53d3ee6e54/ 15 KB
15 KB 53ms
52ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-53d3ee6e54/680_641c673f305f7.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e67b38df2f443c76c728781c3f402a62f042220e812f3ccce3f9b57d5da5e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 23 Mar 2023 15:28:37 GMT
server: cloudflare
age: 335
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb93a149211-FRA
content-length: 15120
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63ea070201a0f.jpg
novyny.online.ua/proxy/news/r2-eb56103103/ 5 KB
5 KB 84ms
80ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-eb56103103/165_63ea070201a0f.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f66c6854f7811f1c76a4c7ac26974e6954c8230043f86ddac3158f2b90236c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 10 Mar 2023 01:09:31 GMT
server: cloudflare
age: 1175081
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb8a95d9211-FRA
content-length: 5188
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63da7b0bdcb39.jpg
novyny.online.ua/proxy/news/r2-a5178ee104/ 6 KB
6 KB 84ms
81ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-a5178ee104/165_63da7b0bdcb39.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a3a8eec9ef6c1597e25bddfe0dcc4b70ce1ae1a73833445161f51a2ba64b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 01 Feb 2023 16:24:27 GMT
server: cloudflare
age: 4316985
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb8a9689211-FRA
content-length: 6205
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63d90268b1028.jpg
novyny.online.ua/proxy/news/r3-6129c753d6/ 6 KB
6 KB 83ms
80ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r3-6129c753d6/165_63d90268b1028.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93d0a7f363d329bf3db3dc800069b7736c96c8f14ca345fff631b11a78be209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 31 Jan 2023 16:23:29 GMT
server: cloudflare
age: 4403443
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb8a96c9211-FRA
content-length: 5681
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63d7d2bf2c554.jpg
novyny.online.ua/proxy/news/r3-b1d8786d08/ 5 KB
5 KB 84ms
81ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r3-b1d8786d08/165_63d7d2bf2c554.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b9c8c5893ffc45ac47781cec9375ebe5533d4d3a139397288eb3072dea649b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 04 Feb 2023 07:11:04 GMT
server: cloudflare
age: 4090988
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb8a96a9211-FRA
content-length: 5511
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63d39a490b316.jpg
novyny.online.ua/proxy/news/r2-ef57280d3d/ 4 KB
4 KB 85ms
82ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-ef57280d3d/165_63d39a490b316.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53206ab33d6dc746cf14a1939a9f902ffdd7a9302144044ab106bfdc24baeaf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 27 Jan 2023 16:25:25 GMT
server: cloudflare
age: 4748927
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb8a96e9211-FRA
content-length: 4179
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63a32c95af2a0.jpg
novyny.online.ua/proxy/news/r2-a438fa75c3/ 4 KB
5 KB 85ms
81ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-a438fa75c3/165_63a32c95af2a0.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5065402d42070a6ea6e645f08c5609c56f67dfefef2609a2e99b055837b69c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 22 Dec 2022 12:39:13 GMT
server: cloudflare
age: 7872899
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb8a9679211-FRA
content-length: 4561
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63a1b4eccfa70.jpg
novyny.online.ua/proxy/news/r2-c94026e0db/ 5 KB
5 KB 85ms
82ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-c94026e0db/165_63a1b4eccfa70.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef685d3bb2264a5eb8e3b3390fbf196bdfe988d4618f5b97d411b0df0990c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 04 Feb 2023 07:11:05 GMT
server: cloudflare
age: 4090987
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb8a96f9211-FRA
content-length: 5090
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_637b9004508b3.jpg
novyny.online.ua/proxy/news/r2-48efe791d9/ 7 KB
7 KB 53ms
52ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-48efe791d9/165_637b9004508b3.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af7fdae6201e0e5fbc8043be2f8e89248cf9a74032233b63a7ae78cbb3ba226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 23 Mar 2023 02:00:20 GMT
server: cloudflare
age: 48832
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb93a169211-FRA
content-length: 7262
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_63614762667cf.jpg
novyny.online.ua/proxy/news/r3-d9fea3f499/ 5 KB
5 KB 54ms
53ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r3-d9fea3f499/165_63614762667cf.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a01e7f5058066bb9bc608272c7ae5566dae3ab7a5a0a1cb51f43d4d88be59aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 01 Nov 2022 16:23:39 GMT
server: cloudflare
age: 12265833
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb93a179211-FRA
content-length: 5251
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 165_6361029c5d39c.jpg
novyny.online.ua/proxy/news/r2-dde2d396d7/ 5 KB
5 KB 53ms
53ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/news/r2-dde2d396d7/165_6361029c5d39c.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f1cc303ee3efc25ba7331a644b7e481dc44b89195f69f8eecc0ceac7e0bc63c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 01 Nov 2022 11:38:10 GMT
server: cloudflare
age: 12282962
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb94a2d9211-FRA
content-length: 5221
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 164_57593d6ec4812.jpg
novyny.online.ua/proxy/avatars/r3-7853717950/ 8 KB
8 KB 66ms
66ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/avatars/r3-7853717950/164_57593d6ec4812.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d84b3a90968f9a04937564f0efc49e9a47e3c2594e745eaa856f2496035394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 10 Mar 2023 15:45:45 GMT
server: cloudflare
age: 1122507
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb9aaa59211-FRA
content-length: 8112
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 164_61f3de769b267.jpg
novyny.online.ua/proxy/avatars/r2-7725eadc6f/ 8 KB
8 KB 53ms
53ms Image
image/jpg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/avatars/r2-7725eadc6f/164_61f3de769b267.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859b70980bca80beff8306f3fdc0a4c98fcd164d4cb04c12b9830c62025eeb61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 23 Dec 2022 15:06:20 GMT
server: cloudflare
age: 7777672
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcb9eaf19211-FRA
content-length: 7733
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 164_63494a23537e5.jpg
novyny.online.ua/proxy/avatars/r3-bceceec1da/ 6 KB
6 KB 56ms
55ms Image
image/jpg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novyny.online.ua/proxy/avatars/r3-bceceec1da/164_63494a23537e5.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3708f24c4509f0aaf6fdf1b8a95af0d8305175323b4edda177bd9b9bd893aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 22 Dec 2022 13:34:28 GMT
server: cloudflare
age: 7869584
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7ac7bcba1b209211-FRA
content-length: 6524
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dmca-badge-w250-5x1-06.png
images.dmca.com/Badges/ 8 KB
8 KB 118ms
52ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca-badge-w250-5x1-06.png?ID=3ad0c3a5-ae24-4d7f-8771-8cf3b90843f6
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 71896be020ac9285fb9e860b525548c405771011a4a631860380b8ba068a55e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
server: Microsoft-IIS/10.0
etag: "f5d7993aace6d11:0"
x-powered-by: ASP.NET
x-hw: 1679585652.cds323.fr8.hn,1679585652.cds266.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/dmca-badge-w250-5x1-06.png>; rel="canonical"
content-length: 8100

GET
H2 200 makoro.jpg
i.online.ua/img/ 950 B
1 KB 54ms
53ms Image
image/jpeg 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.online.ua/img/makoro.jpg
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e27a91b8568714ff633f4cd8d8eeefdb9e3dfcda901217e3a036c7cda4840d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
cf-cache-status: HIT
age: 30661168
cf-polished: origSize=1137, status=webp_bigger
content-length: 950
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 May 2019 15:42:45 GMT
server: cloudflare
etag: "5ce56df5-471"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ac7bcba1b219211-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 160ms
68ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-29065934-58

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

234057b7f099022f70283d30ad2c80bf3b0c2ba76c408fd7fa707d1390170cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 15:34:12 GMT

GET
H2 200 ua.js Show response
i.online.ua/js/lang/ 1 KB
751 B 51ms
51ms Script
application/javascript 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.online.ua/js/lang/ua.js
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf7301853d3b040f0741b36d25be339862991ec86bb67bc54ebea2c0a07c304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Dec 2021 10:21:23 GMT
server: cloudflare
age: 23800110
cf-polished: origSize=1286
etag: W/"61a9efa3-28c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ac7bcb76f3e9211-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors~index.295832476174e7b8f35b.min.js Show response
i.online.ua/www/js/m/ 118 KB
38 KB 56ms
56ms Script
application/javascript 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.online.ua/www/js/m/vendors~index.295832476174e7b8f35b.min.js
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7885dd8125b6a371ba80e7074680944daac8d1150209f854b5f0ead5000ce914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 14:55:17 GMT
server: cloudflare
age: 5741286
etag: W/"61deebd5-9251"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ac7bcb77f559211-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.a4bb86f4dcab9e03c0c4.min.js Show response
i.online.ua/www/js/m/ 27 KB
8 KB 62ms
61ms Script
application/javascript 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.online.ua/www/js/m/index.a4bb86f4dcab9e03c0c4.min.js
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0307f80f609db8a59967ba8a37db8a1b911542c60f7aa1b7e48b72d828f730e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 14:55:17 GMT
server: cloudflare
age: 30661168
etag: W/"61deebd5-1dd2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ac7bcb7efef9211-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 197ms
105ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067565091314498

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2add65b0a6ec2e0e57d7585b8f5c927dc6cd5d6f49a7c33b0bd426d07ed9fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Origin: https://www.online.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48899
x-xss-protection: 0
server: cafe
etag: 3678941165385606982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 15:34:12 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
672 B 169ms
46ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1679585652.cds323.fr8.hn,1679585652.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Requested by

Host: i.online.ua
URL: https://i.online.ua/www/css/m/index.e65cf100892941eff8f0.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:02:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 15:34:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 135ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Mar 2023 15:34:12 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9uOppk6Gk1SkZ8zS8ooPcqA2hcvJ7HhBwL1XU0HdSzBelveRBlegLd71I92EQpwUWp6abssGSGWaLe5G+MWOog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 137ms
39ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.online.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:42 GMT
x-content-type-options: nosniff
age: 197790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 143ms
46ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.online.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 197794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 188ms
92ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.online.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 197793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 221ms
124ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.online.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:43 GMT
x-content-type-options: nosniff
age: 197789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 193ms
105ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.online.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 197792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 161ms
80ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.online.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 197792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 223ms
76ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 3c0a1c2e7aaa30acf291d7f4fee71f7bd19015f0d3796a15ffffafa9f17de86c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 09:26:20 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17201
expires: Fri, 24 Mar 2023 03:34:12 GMT

GET
H2 200 invisible.js Show response
www.online.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 69A3 30 KB
13 KB 52ms
52ms Script
application/javascript 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.online.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679572800
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b5c247266c6de71d86b4420711684f2f34f4db92cda63c6b5d1d4c2161b705

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7ac7bcba1b229211-FRA

GET
H2 200 1651566465122778 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 302ms
302ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1651566465122778?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21cbbbfca70461687e996300111aa8518594fc4f1b874bc2a6ca9a812eaac234

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Mar 2023 15:34:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jDxRb3YJpCk8Ovf88+LKMCqppmrVhLemQsnNZCdbnqesLwHEy6nBJxg/EnnP8+yYHhn4A0TDX0axLqa0/ZNxVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/ 349 KB
117 KB 218ms
125ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1067565091314498&plah=www.online.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067565091314498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

914c2155f5f83268e37a283fb8effdd3c016c8c04034a64420670f904e8a90d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119424
x-xss-protection: 0
server: cafe
etag: 2660502436825065875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 15:34:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/ Frame 00AC 10 KB
5 KB 393ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067565091314498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 05:53:00 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 05:53:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FSF664PRKT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-29065934-58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d113b89e713432c7f5a8593f23e091aa218ffd933430f409f1b2090807a08d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78825
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 15:34:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 402ms
47ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-29065934-58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 14:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5342
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 23 Mar 2023 16:05:11 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
393 B 60ms
60ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.online.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 65fa9869621f3a6c818c229a9c05b6bd8b1288795f52422bcc9ae67e4ffa70be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 278
expires: Sat, 22 Apr 2023 15:34:12 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 5511 5 KB
3 KB 385ms
59ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 996a7a04e7d704459f252678b214493a76efdf8d61a4b7fc292685286a7339a4

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2715
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:13 GMT
etag: PRIVATE7520710249
expires: Sat, 22 Apr 2023 15:34:13 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 pica.js
www.online.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 69A3 7 KB
3 KB 65ms
48ms Other
application/javascript 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.online.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8cdd0d491c9c4e74590acc050bc40059812469acf47829e3e7c032913bd20dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:12 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7ac7bcbafbfb9211-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 266ms
56ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSF664PRKT&gtm=45je33k0&_p=432439150&cid=1488095717.1679585653&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679585653&sct=1&seg=0&dl=https%3A%2F%2Fwww.online.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20ONLINE.UA&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FSF664PRKT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.online.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 7ac7bcb34a739211 Show response
www.online.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 69A3 2 B
366 B 65ms
57ms XHR
text/plain 104.18.9.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.online.ua/cdn-cgi/challenge-platform/h/g/cv/result/7ac7bcb34a739211
Requested by: Host: www.online.ua
URL: https://www.online.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679572800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Mar 2023 15:34:13 GMT
content-encoding: br
server: cloudflare
cf-ray: 7ac7bcbd2e1e9211-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 135ms
43ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1651566465122778&ev=PageView&dl=https%3A%2F%2Fwww.online.ua%2F&rl=&if=false&ts=1679585653346&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679585653345.450203977&it=1679585652775&coo=false&rqm=GET

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Mar 2023 15:34:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 196ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.online.ua&callback=_gfp_s_&client=ca-pub-1067565091314498

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1067565091314498&plah=www.online.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a1a187664c3dbc236d5231b64f5f18057d95cd209055701b44778b9729a684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 176ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.online.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 163ms
39ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.online.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=site-header%20position-fixed%20fixed-top%20w-100&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71DD 0
179 B 230ms
229ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&adk=1812271804&adf=3025194257&lmt=1679585653&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fwww.online.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652839&bpp=6&bdt=565&idt=516&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6713373365597&frm=20&pv=2&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:13 GMT
expires: Thu, 23 Mar 2023 15:34:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 50ms
49ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=432439150&t=pageview&_s=1&dl=https%3A%2F%2Fwww.online.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20ONLINE.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1073914097&gjid=208791371&cid=1488095717.1679585653&tid=UA-29065934-58&_gid=1741697290.1679585653&_r=1&gtm=457e33k0&z=114636045

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.online.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.online.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1679585653435/
Redirect Chain

https://gaua.hit.gemius.pl/_1679585653435/rexdot.js?l=100&sendf=24&id=AqTqxmNpY7wZuibduISs3pdQj1NU0abYGy_OUOR4Zp7.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.onl...
https://gaua.hit.gemius.pl/__/_1679585653435/rexdot.js?l=100&sendf=24&id=AqTqxmNpY7wZuibduISs3pdQj1NU0abYGy_OUOR4Zp7.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww....

169 B
424 B

153ms
138ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1679585653435/rexdot.js?l=100&sendf=24&id=AqTqxmNpY7wZuibduISs3pdQj1NU0abYGy_OUOR4Zp7.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.online.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=RO9mllxQDEr6LQD8gCeuCfGtzhCsyKQuxF4Syfk46gX.f7PqIqGMEpM5g3gzQ6zD_CMXFFfTQ9WO4ITHMPjCczslu8ib/_AwWk2xBAFxnz/&fpdata=Id9wWX55tr.FyTcmI78NDmT4RuxqG_b5mIzmcmGkPOf.l7&ltime=538&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641c71743530365b&brts=1679585653&fpcap=
Requested by: Host: www.online.ua
URL: https://www.online.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: a3b92e26e2c200ea5d7b539a3ad962cada02bfa27bce0c6391bbc4cc4a6ab356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:13 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Wed, 22 Mar 2023 15:34:13 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:13 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1679585653435/rexdot.js?l=100&sendf=24&id=AqTqxmNpY7wZuibduISs3pdQj1NU0abYGy_OUOR4Zp7.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.online.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=RO9mllxQDEr6LQD8gCeuCfGtzhCsyKQuxF4Syfk46gX.f7PqIqGMEpM5g3gzQ6zD_CMXFFfTQ9WO4ITHMPjCczslu8ib/_AwWk2xBAFxnz/&fpdata=Id9wWX55tr.FyTcmI78NDmT4RuxqG_b5mIzmcmGkPOf.l7&ltime=538&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641c71743530365b&brts=1679585653&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 22 Mar 2023 15:34:13 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F74 82 KB
25 KB 504ms
503ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a5ef282202b5b1d6e8a169edcfc71c16cbb8fcfc833de5a288c653ea0c7f019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25557
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:13 GMT
expires: Thu, 23 Mar 2023 15:34:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BAF 96 KB
35 KB 418ms
393ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=1891960289&adf=2418895889&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652849&bpp=1&bdt=575&idt=611&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q6xfPSbQvB&p=https%3A//www.online.ua&dtd=615

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf1d7280cbe245e35b777827e00240f64772ff5a4e10087727325b5c0530111b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35263
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:13 GMT
expires: Thu, 23 Mar 2023 15:34:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 187D 71 KB
23 KB 439ms
428ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=7374665202&adk=2175145819&adf=2875120685&pi=t.ma~as.7374665202&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652850&bpp=1&bdt=576&idt=619&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=1590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fw1EcXSEQZ&p=https%3A//www.online.ua&dtd=625

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86e930d57a24ef1e2da10f8f3fdff3accaa843a18bfb0d5096215e6b74e83ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:13 GMT
expires: Thu, 23 Mar 2023 15:34:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCFA 100 KB
35 KB 495ms
479ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=1815276835&adk=552477479&adf=1006047998&pi=t.ma~as.1815276835&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652851&bpp=1&bdt=577&idt=629&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600%2C316x250&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=BPyHu0xNlK&p=https%3A//www.online.ua&dtd=645

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0fcce7c443bae8dddb851c96549b721344f3df67ca1737c5291d82de4c5b467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:13 GMT
expires: Thu, 23 Mar 2023 15:34:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 156ms
47ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-29065934-58&cid=1488095717.1679585653&jid=1073914097&gjid=208791371&_gid=1741697290.1679585653&_u=YADAAUAAAAAAACAAI~&z=828081402

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.online.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Mar 2023 15:34:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.online.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 154ms
65ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-29065934-58&cid=1488095717.1679585653&jid=1073914097&_u=YADAAUAAAAAAACAAI~&z=71989363

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 152ms
62ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-29065934-58&cid=1488095717.1679585653&jid=1073914097&_u=YADAAUAAAAAAACAAI~&z=71989363

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame AC6C 0
48 B 41ms
40ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.online.ua
URL: https://www.online.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.online.ua
Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.online.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:13 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2BAF 0
0 107ms
105ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQWasdXEcZNLJJJCD5LcPwtqQuAvmgLrlbof-0bGTD8_Xor3AARABIInOkyxglYKAgJQHoAHbuOHkAcgBAqkCyWCAv-1Jsj6oAwHIA8kEqgTmAU_QRfvQaPz8nXYVySeoKsvDf5CJWadPjfoNF_yg0DCbq7z9H0mAOBNCbX952WiJWPj6_mEkWx2e3cNQG1ZEKXXq0INe5ksGvHWfQPsV976k5rMLF9nDeNYDqGoKpfILAqwFRcLLL4wUhPMLxIczfOvOt9Qz0_rL8dzGaNNbanopVu9dwll2i8QYw9Y-RBm6RDcG57vbcyzRzLd09nJYnSLcfRdG9idyLraF0dgYW6OxiWMOzWH73LCjbC4QDGCNqKkidRn9VUW5EXaxa1khqFc5-eMzztkmTgcR-tCdKWB7Iozrkg2lwASvoOTK4gOSBQQIBBgBkgUECAUYBKAGAoAHjceemwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEwNjc1NjUwOTEzMTQ0OTgYAA&sigh=3wigI-2fAkw&uach_m=[UACH]&cid=CAQSGwDUE5ymCJgrWrLqnH9x35juHjf2IxfIEC417BgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=1891960289&adf=2418895889&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652849&bpp=1&bdt=575&idt=611&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q6xfPSbQvB&p=https%3A//www.online.ua&dtd=615

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=1891960289&adf=2418895889&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652849&bpp=1&bdt=575&idt=611&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q6xfPSbQvB&p=https%3A//www.online.ua&dtd=615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 15:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Mar 2023 15:34:13 GMT

GET
H2 200 4232660478496421927
tpc.googlesyndication.com/simgad/ Frame 2BAF 52 KB
53 KB 211ms
102ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4232660478496421927?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdrzbFmiyc00gM3AQ8V9PTzXahzw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9ddc6e8b21365f084804c3bb95a281ab0184862d3acc8d67699265e94c3b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 20:42:43 GMT
x-content-type-options: nosniff
age: 240691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53500
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 09:31:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Mar 2024 20:42:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 2BAF 22 KB
9 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 2BAF 3 KB
1 KB 245ms
151ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 2BAF 20 KB
8 KB 189ms
95ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BAF 158 KB
48 KB 222ms
122ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 15:34:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 2BAF 34 KB
14 KB 248ms
155ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

302deaf4fa154ebeaef0722951adad97a1e1727ca955959030e2f43257afb3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13898
x-xss-protection: 0
server: cafe
etag: 4705717387851525028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:32:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 187D 8 KB
808 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=7374665202&adk=2175145819&adf=2875120685&pi=t.ma~as.7374665202&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652850&bpp=1&bdt=576&idt=619&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=1590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fw1EcXSEQZ&p=https%3A//www.online.ua&dtd=625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:04:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 15:34:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 187D 2 KB
845 B 224ms
148ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 187D 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CupEIdXEcZKzFJJC_7wLd75yIAeW4vs9vnZ_gvMoKv7vBuMEJEAEgic6TLGCVgoCAtAegAcH4tNIDyAEBqQLJYIC_7UmyPqgDAaoE5QFP0GKstSD1WGobFr-KQJB_lQ2KZZE68MQLX1PD7d9WbtBSBN0CfcxbZP4rsghSt7Zlr70EqdNumtZFxpeuJXUgvOVHmuTh5wWy9E5g7JLCIA9VVymtnYLU0QzPpQAdqzFFjrtBYORskEG6AugEtXgjzTQLe67-2c7xGwZd4iJDpDn5Ho8knxJwhpCP6JQdt70EmUsuINNQNsREBJoF2sNfcoc1C0mrCqMx1K3skLwu5db5w33jeKTMCsxl6BWwjlHdWL8Gp-aPFNEFLRBP3GoxWESfPIaTBXhzYEfHgZM89LNQR0MgwAS51cbGvgKSBQQIBBgBkgUECAUYBIAHp4fLLagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDENlR0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAjQFQGYFgGAFwGyFxwKGggAEhRwdWItMTA2NzU2NTA5MTMxNDQ5OBgA&sigh=aSKZ8velKUU&uach_m=[UACH]&cid=CAQSGwDUE5ymOdJ2TtImXZWIOfKd87aaS5KWxdB1PRgB&template_id=5028

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=7374665202&adk=2175145819&adf=2875120685&pi=t.ma~as.7374665202&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652850&bpp=1&bdt=576&idt=619&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=1590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fw1EcXSEQZ&p=https%3A//www.online.ua&dtd=625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 15:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Mar 2023 15:34:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 187D 22 KB
9 KB 119ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 187D 3 KB
1 KB 174ms
100ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 187D 20 KB
9 KB 124ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 187D 158 KB
49 KB 131ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 15:34:14 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 187D 34 KB
14 KB 148ms
54ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:42:45 GMT

GET
H2 200 914be99cd47eba54dcad56263af893ff.js Show response
www.gstatic.com/mysidia/ Frame 9F74 10 KB
4 KB 165ms
82ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/914be99cd47eba54dcad56263af893ff.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4426
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 15:49:51 GMT

GET
H2 200 4471e8cf2b0d0f14a71f816ec3ea39a0.js Show response
www.gstatic.com/mysidia/ Frame 9F74 11 KB
5 KB 169ms
86ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4471e8cf2b0d0f14a71f816ec3ea39a0.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad89e0a7ba5bc269ae857d3d45bbf5ce07e8092879ed4c27d72e3e8809878217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4799
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 01:11:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9F74 8 KB
968 B 53ms
52ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:00:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 15:34:13 GMT

GET
DATA 200
OK truncated
/ Frame 187D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 9F74 2 KB
799 B 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 9F74 22 KB
9 KB 130ms
84ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 9F74 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 9F74 20 KB
8 KB 134ms
88ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F74 158 KB
48 KB 163ms
110ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 15:34:14 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 9F74 34 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:42:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame DCFA 2 KB
799 B 151ms
146ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=1815276835&adk=552477479&adf=1006047998&pi=t.ma~as.1815276835&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652851&bpp=1&bdt=577&idt=629&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600%2C316x250&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=BPyHu0xNlK&p=https%3A//www.online.ua&dtd=645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DCFA 0
0 87ms
84ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwACrdXEcZOKIJsHokwOilqiADYywialuqeyg3pIQZBABIInOkyxglYKAgJQHoAHy-9PfA8gBAakCmEiUPDw_sj6oAwHIA8sEqgTnAU_QDZFE5SkX_lzblUGYe3s0Ya_ar2Tm_qG-4T_U6J9QZWhGnhinjm9rxpeF29SnaQiGksO8NV8Km1MhicTbBL3j_rgqDKTM6ly1DFB3S5hVXTBmJWpUvy0o1DHcNy_hXBgWXjRqTbDaxxjmCAQVrtkT040tkOWWb80KdtZByFg7YOL7nNQtpGLnSg3BaYymTRe4KhfI0VZ46RJgl2o6HL_sftcg4cWUhggKOkHp_ai7CwslozvS7LczYhEWXEjJ-ys7sn0ntmAf2QovoJKx-357AnyDonfpGv2I0B8bN3fq5xK55m4ausAE3vqGv5AEkgUECAQYAZIFBAgFGASgBgKAB9nlsiaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCjjAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMDY3NTY1MDkxMzE0NDk4GAA&sigh=6BH2Gmz7tXQ&uach_m=[UACH]&cid=CAQSGwDUE5ymKWK7c2gpmOZwX_MW9_EmT3Rjv7jhfRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=1815276835&adk=552477479&adf=1006047998&pi=t.ma~as.1815276835&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652851&bpp=1&bdt=577&idt=629&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600%2C316x250&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=BPyHu0xNlK&p=https%3A//www.online.ua&dtd=645
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 15:34:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame DCFA 22 KB
9 KB 136ms
132ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame DCFA 3 KB
1 KB 150ms
146ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame DCFA 20 KB
8 KB 139ms
136ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:15:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCFA 158 KB
48 KB 151ms
148ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 15:34:14 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame DCFA 34 KB
15 KB 58ms
42ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:42:45 GMT

GET
H2 200 8466266252459062314
tpc.googlesyndication.com/daca_images/simgad/ Frame DCFA 19 KB
19 KB 151ms
150ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8466266252459062314?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dadb402d38ce8e2bc947f5aaabb6fbbe576832288f1d81936b0ee939a4418459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19713
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 00:24:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 15:34:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7611 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=1891960289&adf=2418895889&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652849&bpp=1&bdt=575&idt=611&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q6xfPSbQvB&p=https%3A//www.online.ua&dtd=615
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 400C 143 B
166 B 46ms
42ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=250&slotname=7374665202&adk=2175145819&adf=2875120685&pi=t.ma~as.7374665202&w=316&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=316x250&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652850&bpp=1&bdt=576&idt=619&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C230x600%2C230x600&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1069&ady=1590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fw1EcXSEQZ&p=https%3A//www.online.ua&dtd=625
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 187D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a7e995123370d59e0c113702f258c03b1b3e4805e4d8a3f20c8eddbdbfe12c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2BAF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ea947b1cd49f92ff10431d8bbd01cca4ce26bc83f1244518b8aff6f00eecbf3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17691134453973169868/ Frame 9F74 11 KB
11 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17691134453973169868/14763004658117789537?w=300&h=300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fd91d342e4639cda80eee000f7a67baba6ed3757285e59fca25aed2cda9f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 18:32:06 GMT
x-content-type-options: nosniff
age: 162128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11056
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:21:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Mar 2024 18:32:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7611
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
61ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:14 GMT
expires: Thu, 23 Mar 2023 15:34:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 400C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:14 GMT
expires: Thu, 23 Mar 2023 15:34:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9F74 0
0 94ms
93ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv27QdXEcZK3XIoST7wL_zaHgDMepw4tv4M7YxL4R29keEAEgic6TLGDVBaABz-q7jAPIAQGpAphIlDw8P7I-qAMBqgTpAU_QUMsaUBHztRoy06BWpwW_qkSF3RWUsqSCPAeSZLgidiflWSWJqapBdVeIwpqAc8EK7UkT8o7gvSKEu5DbKmK1rhFLg_tt3FzmC-O9LB_C1uSYiBb_OSXJM7hMdeCHKiZ5uD_Q7qj7yy-ItSLXJfxO5zfBuDo2S-6eWnRu0bGvXgjZD92U_txXFOUzZSsrebA1OraC4MGap3hFT_hBQ3reHBHotHyht29Hf1wzgpSpSp7UMLlmIcdOf8Quph-vMe567h735278z9BoFtqFrLE2FUO6K5-iWWzB1pGqcJ8Ly8rr3A3h21EZwASr54TNkgSSBQQIBBgBkgUECAUYBIAHwNy5PKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEJFW0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMTA2NzU2NTA5MTMxNDQ5OBgA&sigh=xeLAYLAIXW4&uach_m=[UACH]&cid=CAQSGwDUE5ymb5ixbdhcrEdvjAzyC_xGlib155Y40BgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 15:34:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AFA7 143 B
166 B 49ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9F74 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6275fc439910a452df182f71a93fd77a7dec5cff844256003ba014653ac36931

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 187D 44 KB
44 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 197795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 187D 26 KB
26 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 197795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
DATA 200
OK truncated
/ Frame DCFA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 889c529da61eff9f895ae4ad7f7295f1b2608abbb510383ebfc54839697e41d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9F74 28 KB
28 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 197796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3 200 TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D24 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14279
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 15:30:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AFA7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067565091314498&output=html&h=600&slotname=7374665202&adk=3985211863&adf=1885803976&pi=t.ma~as.7374665202&w=230&fwrn=4&fwrnh=100&lmt=1679585653&rafmt=1&format=230x600&url=https%3A%2F%2Fwww.online.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679585652845&bpp=4&bdt=571&idt=592&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6713373365597&frm=20&pv=1&ga_vid=1488095717.1679585653&ga_sid=1679585653&ga_hid=432439150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&oid=2&pvsid=1020742153311857&tmod=1322017535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AzPTYII3ni&p=https%3A//www.online.ua&dtd=599

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:14 GMT
expires: Thu, 23 Mar 2023 15:34:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js Show response
pagead2.googlesyndication.com/bg/ Frame B9E0 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14279
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 15:30:30 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 92ms
91ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230321&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5860292c5db4035f11bfe174ea307839f5f8dd72ff830b432eeec254d90105a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11244
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 15:34:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8733 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 94386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 13:21:08 GMT
expires: Thu, 21 Mar 2024 13:21:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7821 783 B
535 B 51ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e572661d3f183abfa7624f0f56d1ea477d07f48fa5952e02848fc9d7b1195f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RagXru3Ik6UFLyaHvbCEvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.online.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-RagXru3Ik6UFLyaHvbCEvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:34:14 GMT
expires: Thu, 23 Mar 2023 15:34:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js Show response
pagead2.googlesyndication.com/bg/ Frame 8733 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14279
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 15:30:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7821 0
0 74ms
74ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230321&jk=1020742153311857&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8733 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IYnTUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:34:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230321&jk=1020742153311857&bg=!_v2l_anNAAbO2UOH7tk7ADkAdvg8WkhDrZIWxr3Ii3KRUHu5PG-TcF0YmL_mVFkkCMoaRDhNuEjzqJdvmUHUP51EmEUNfG1JcfcCAAAAXFIAAAADaAEHCgChtDe3CQcK65-2NxHUhdvPjzSCqOeviEdhSuJ3rj3eIy12Vky7db9LzOyvGTkFYiZfFYN0QqbrFWeBF_lGZ1e_S9mjDwDKWhAJy4v0qNlNNnhbzbctmJWPA4oeSs5sHUnibypaaMDoD7QKecrq1iNm5Ddre2vtSm1_yqWHdzR_3AOqpldUWmIQqbfYH3YeRkdETAUvZwptv2zCcRuXov1HE6SZAp1JHHKGNbLkj-PwP_xAagV8i8ZpeUqGVDRC_GFthU5PMNsxFHD2NaEtQlpeccH1kGjRAY1kVrrPzGOu7RzxvoSovAT5wLsvQ4QDECaa8oxs-HaWxiqqj_byQjqHXQQkJzRxOmeRwOrX8rjBwCdnSX5iF5uBb5eB7Sd3ndjLDdNdTzRA0BV_9C7a741uTquyFx9yenv89T6BErKdh4USrfJLVv1PEGKmaoF3-6HSUxnzzl-Rq1Wchot16DCfkh5oJra0Y4Yqa8BF79KMpGP2EgVfhZneWCGP0mGeH14t9jWDeXwNjXr5aqwtlQQi5e0lZ7QHobVaB9hZRUo2gCVV0n8VY8yEIOxNC2cGw80jK4X8Q9V7NClYOJCNPyCvRxA2PZ-hE_bwCJx1yq9P_fd_9EPVfY9xMCk51V8zQBRUM9-qZ4aeZx4ZXAsh9LzVtti7dSa_TRPYoPjNQii9G4SNCMNQqy9lkoKjpQx0lwBiQMPR6ASMrhS4xupyJB-eFHtEdmRptvAvVuru3emn-jxl_ibgWCf1RGrEzAwF4H7W521X3XSjTf5HmJO3W0Wl0C_Ur0zt-d7xshACL49gi3yb17an6OqDLEacE1S1W69RmeNXCAx4_bGklJXo-VkYSmkqBsYrRL1mIaGYiP6yOFiR12h6n2qmZir-pCV1yMam0edl0d-uDDx2gQLggANI2NcFuEkL5AAmSbbZiNY3Us2BswnWTuq-cT3CO4sYbA2e2n_BO5n8bG4KUcJux8SU0zD3E7adF23WjuYUJuTBy366J8LzaeYIOkxOaoRKBnSXcDqaANDCq-83WsuIQ9WVJ6wXrbZZQarpf40SAPVtWXa6eJ0gPqy-SxI1dGFQYs2KM3f4UyxHb7lQMY1l1NfY51c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-1067565091314498&su=www.online.ua&eid=44759875%2C44759842%2C44759926%2C44777877%2C31073106%2C44787455&doc=complete&pg_h=4397&pg_w=1600&pg_hs=4397&c=4&aa_c=0&av_h=390&av_w=272.992&av_a=100461.172&s=471&all_s=471&b=1713.203&all_b=1713.203&d=0.355&all_d=0.355&ard=0.057&all_ard=0.057&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.online.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F74 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsug35CENJqkRpyqOZLZmpYLKNDbeXtvCod40qKMLL4VLZ-nvyJ-MYTSumS0AIAyQ2I72VyifsYptxSVO7FZ6SBfUTkVmQHjRYh_wQAsMxzj_UzOOK6XVNjL0H7JTqNws9jmy2CclA&sai=AMfl-YQEmwv4ZUvQxxnKrd5i7K-eVvmqUVc7bPh1INNsIAW1oL2uPlBKv-7x_jKcpN3dDmjZtgUB-k4Thfd0&sig=Cg0ArKJSzA9QOpRC1PUHEAE&cid=CAQSGwDUE5ymb5ixbdhcrEdvjAzyC_xGlib155Y40BgB&id=lidar2&mcvt=1000&p=0,0,600,230&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&vu=1&app=0&itpl=22&adk=3985211863&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679585653447&rpt=1054&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 15:34:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.online.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4b25266d4414c20eadaadd765146dc03
.online.ua/	1969-12-31 23:59:59	Name: ln Value: ua
.online.ua/	1970-01-20 10:34:32	Name: test Value: 1
.online.ua/	1970-01-20 10:34:32	Name: tgbannershow Value: 1
.online.ua/	1970-01-20 19:18:41	Name: user_global_hash Value: b91ff5c407143d2a9dea0918dd58c0bb
.online.ua/	1970-01-20 20:09:05	Name: _ga_FSF664PRKT Value: GS1.1.1679585653.1.0.1679585653.0.0.0
.online.ua/	1970-01-20 20:01:53	Name: __gfp_64b Value: Id9wWX55tr.FyTcmI78NDmT4RuxqG_b5mIzmcmGkPOf.l7\|1679585652
.online.ua/	1970-01-20 12:42:41	Name: _fbp Value: fb.1.1679585653345.450203977
.online.ua/	1970-01-20 10:33:07	Name: __cf_bm Value: D8O61FkDcS88pGMYrSis6IHLMTT7wPRPKsSV1pdoNYE-1679585653-0-AXHscxU1pD6JCXCc6JrZZQOxoS9PS1YPh+jU/EyHlHrou5+qexsDEigQb0Dh3Futq7qa8LGNrjYPmiq+IzZfawaDBSatWUDQ/s8BpB/etVVfkX8A0O2QUqhrLQ1HAPEhpfN8d9LtWFzonggYTW+GwXLqt/71EDlrKpQJDxmUkO73
.online.ua/	1970-01-20 20:09:05	Name: _ga Value: GA1.2.1488095717.1679585653
.online.ua/	1970-01-20 10:34:32	Name: _gid Value: GA1.2.1741697290.1679585653
.online.ua/	1970-01-20 10:33:05	Name: _gat_gtag_UA_29065934_58 Value: 1
.hit.gemius.pl/	1970-01-20 10:43:10	Name: Gtest Value: KlxgfMXGQMQGW1QOXv9tLlXUssGMXP8c25nSGJxcmU4BXBG.
.online.ua/	1970-01-20 19:54:41	Name: __gads Value: ID=16c1d556ea2da9d7-22d31e42e1de0075:T=1679585653:RT=1679585653:S=ALNI_MZA30xeZ-SIaqnWKfdxGyri58rtJA
.online.ua/	1970-01-20 19:54:41	Name: __gpi Value: UID=00000bcb0ebb6943:T=1679585653:RT=1679585653:S=ALNI_MY-usIq3ldqznlQXrCQe7kvMAUZ1A
.hit.gemius.pl/	1970-01-20 20:01:53	Name: Gdyn Value: KlGKnRXGQMQGW1QOXv9tLlXUssGMXP8c25nSGJxcmU4BFRxSG7RrGS6GN4fBFlM1YH8PlexaG0F6Sssa
.doubleclick.net/	1970-01-20 19:54:41	Name: IDE Value: AHWqTUk7i944SBxmYSn4mtOfeUjXxg4VpkggILHPZp-37RMAYN7I3B6J9Egnf6klbUE
.doubleclick.net/	1970-01-20 10:33:09	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gaua.hit.gemius.pl/xgemius.js(Line 895) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
i.online.ua
images.dmca.com
ls.hit.gemius.pl
novyny.online.ua
online.ua
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.online.ua
104.18.9.233
146.59.30.100
151.139.128.10
2001:4860:4802:34::36
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c07::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.37.238.28
0307f80f609db8a59967ba8a37db8a1b911542c60f7aa1b7e48b72d828f730e3
04e3d37ae58a169cb364d45951c5b8b3f0ec19ffc8b038341e475c3b824c19a0
06e27a91b8568714ff633f4cd8d8eeefdb9e3dfcda901217e3a036c7cda4840d
093cd662c1b934ab8cf90fca6a082fcfe78391fbaa671a2cfa4f51615d2c7a24
0a101bfe80ed55fff9ea504f933123638de2fc91d719ecf775d8803de7be7303
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0f1cc303ee3efc25ba7331a644b7e481dc44b89195f69f8eecc0ceac7e0bc63c
10f57c90c234367849b6417839a1668837cab5630827286e885f63dba278b402
1637a5965d36fa3203572658b276ccebf984349c743efb412ac654fd5ae92fe7
1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1931393a287d265012b3b5cb16477376cd919eb90afa83b4b89ec3aacaf24aec
1a7e995123370d59e0c113702f258c03b1b3e4805e4d8a3f20c8eddbdbfe12c8
1af7fdae6201e0e5fbc8043be2f8e89248cf9a74032233b63a7ae78cbb3ba226
1fd91d342e4639cda80eee000f7a67baba6ed3757285e59fca25aed2cda9f1c1
21cbbbfca70461687e996300111aa8518594fc4f1b874bc2a6ca9a812eaac234
234057b7f099022f70283d30ad2c80bf3b0c2ba76c408fd7fa707d1390170cb0
23a0b4a8f5fcb80641630d149bd51effe0a59f559fb4409e384a1268c2b9a3e7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ce05c89afbb83a529a92949b8725bf4afc7f73a567ae43e458ac3c3014bb4b0
302deaf4fa154ebeaef0722951adad97a1e1727ca955959030e2f43257afb3f4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b9c8c5893ffc45ac47781cec9375ebe5533d4d3a139397288eb3072dea649b
32e0816a9312b7dc1931f83f4c0bec95f1d5ed28046436ba82c3ecabb724a8f2
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3b6efa2f7cf1d7a54e0099d06c3652ea2211492c718f068bffe08b558945a446
3c0a1c2e7aaa30acf291d7f4fee71f7bd19015f0d3796a15ffffafa9f17de86c
3caee5a64e4b2fde3ac5c549fadd1a03ed69bdda4a0ae26c671cbccdfaac6f3e
3ea947b1cd49f92ff10431d8bbd01cca4ce26bc83f1244518b8aff6f00eecbf3
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b925527751b9fbdfd3cc518aef10befacfd044867b52cfd108dd426e100096d
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
4e572661d3f183abfa7624f0f56d1ea477d07f48fa5952e02848fc9d7b1195f9
5065402d42070a6ea6e645f08c5609c56f67dfefef2609a2e99b055837b69c4f
53206ab33d6dc746cf14a1939a9f902ffdd7a9302144044ab106bfdc24baeaf1
5559440699e21088bf13c4737525dcc177bb412fcbd9f34213117ae1415e400e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5860292c5db4035f11bfe174ea307839f5f8dd72ff830b432eeec254d90105a9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5b8bbe38e7c3c1bc98f8754ff3eaa87a9db0b5e206bd6760b88f1bb74a345d26
5e67b38df2f443c76c728781c3f402a62f042220e812f3ccce3f9b57d5da5e02
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6275fc439910a452df182f71a93fd77a7dec5cff844256003ba014653ac36931
65fa9869621f3a6c818c229a9c05b6bd8b1288795f52422bcc9ae67e4ffa70be
662cb46f293e044955ce8aa4d03ca7288773ee2973cd71bb779baea998319c48
6650729a4866f5478e6bda54c2cd2b28a0ec781c4ccd3bcb3105c0d1b5c1ce18
6743cf6d78a4ecffab61d514765fb39e22b7c34484585bc38802892a6b7eb370
67e6addb210c37446834b2edb58cc10978872266b04d10fd7398818385796bd2
6a01e7f5058066bb9bc608272c7ae5566dae3ab7a5a0a1cb51f43d4d88be59aa
6a5ef282202b5b1d6e8a169edcfc71c16cbb8fcfc833de5a288c653ea0c7f019
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6c3708f24c4509f0aaf6fdf1b8a95af0d8305175323b4edda177bd9b9bd893aa
6d113b89e713432c7f5a8593f23e091aa218ffd933430f409f1b2090807a08d7
71896be020ac9285fb9e860b525548c405771011a4a631860380b8ba068a55e5
71c532db10b76ccb2c46aff6f955b63b15b6b554a14440838d273065a7423f6c
73a018d7e8456ea982cf0749a6e6e5acf5b425330f38c9dcc2031b4db2cbbae3
73d84b3a90968f9a04937564f0efc49e9a47e3c2594e745eaa856f2496035394
746f342dc178b1eb6ff555a612735e9daf108cd68a9d5cb3150a83de5b541ee5
75b5c247266c6de71d86b4420711684f2f34f4db92cda63c6b5d1d4c2161b705
7697d50fd27aa61fa0b27ff7a3bd40974ffc79bee46b9334301d279f4c1f01e7
7885dd8125b6a371ba80e7074680944daac8d1150209f854b5f0ead5000ce914
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7ca7af8780cd8509a0dac913c0e56ddbf34d75b94180a66ec2d439ceec6c284e
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859b70980bca80beff8306f3fdc0a4c98fcd164d4cb04c12b9830c62025eeb61
86e930d57a24ef1e2da10f8f3fdff3accaa843a18bfb0d5096215e6b74e83ec9
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87a3a8eec9ef6c1597e25bddfe0dcc4b70ce1ae1a73833445161f51a2ba64b6b
889c529da61eff9f895ae4ad7f7295f1b2608abbb510383ebfc54839697e41d9
8bf7301853d3b040f0741b36d25be339862991ec86bb67bc54ebea2c0a07c304
8ef685d3bb2264a5eb8e3b3390fbf196bdfe988d4618f5b97d411b0df0990c31
914c2155f5f83268e37a283fb8effdd3c016c8c04034a64420670f904e8a90d1
916f8c85a587cf1f9156dcb11423f7101dd57794c927170690a72332be73fcb9
9211c1981526b189ec7d7b71325385379bb3aa3c0cee10d53d21bb93f58c3aec
9768f389ad9cad9ba8ef46dac02a75efe3c3b5d88daf0c8d0dd80207435dff97
996a7a04e7d704459f252678b214493a76efdf8d61a4b7fc292685286a7339a4
9f9ddc6e8b21365f084804c3bb95a281ab0184862d3acc8d67699265e94c3b67
a3b92e26e2c200ea5d7b539a3ad962cada02bfa27bce0c6391bbc4cc4a6ab356
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8cdd0d491c9c4e74590acc050bc40059812469acf47829e3e7c032913bd20dd
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ad89e0a7ba5bc269ae857d3d45bbf5ce07e8092879ed4c27d72e3e8809878217
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0fcce7c443bae8dddb851c96549b721344f3df67ca1737c5291d82de4c5b467
b5b69cd08f24c6f5fccaf06e66b8fe3ff20a56796222dbca46ec4f47f6ff0cb8
b9fbdc6512ee9aaf769c2dca79c49320feed7bb5ca71e1bff815555039756445
ba521ad256cdab8a67d213d3ac718b7eacc8c2362fc17c39b39e4cfe9edc09fb
c95393acf6c8dc64c99e33039610ec486a143f7caa1da005d187e93af34f6c88
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cf1d7280cbe245e35b777827e00240f64772ff5a4e10087727325b5c0530111b
d7a1a187664c3dbc236d5231b64f5f18057d95cd209055701b44778b9729a684
d9f66c6854f7811f1c76a4c7ac26974e6954c8230043f86ddac3158f2b90236c
dadb402d38ce8e2bc947f5aaabb6fbbe576832288f1d81936b0ee939a4418459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e1175a85e9f2cda2585e0930e805b1ef75ac8b8cb07119fe0affa4871bee0bf9
e284fa910cf21adb590d45fb4466e5aea71f1473ff509bde21629e2a465a0f0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea
e61fc0bafd1576ba8cca2e9593d4c7391160bc99ee9dc130305d04e3c8a887a4
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
eb133a1c6bafa765af23a02f78b30c1dcaecc985ff28ce3b6d8019ad879ca017
ecc06fce25554bca4331ea7e89a9aed20e0fba5cedb3f28854389f5422146cad
ee83c35af58bef3af64aa9154281b8ca88fb5655ea0f1751c84dd3364cf2d14b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2add65b0a6ec2e0e57d7585b8f5c927dc6cd5d6f49a7c33b0bd426d07ed9fcd
f430ca8240c77e75e6e9704ba531f12dfdb6d1d696541e5f2b6a9a10eaaac9e0
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7d30395802a25abbd41c5694d6b8543b5fe81cb2d792380aa88a6ed23ef514b
f93d0a7f363d329bf3db3dc800069b7736c96c8f14ca345fff631b11a78be209
faf748072234bcc2e91400cca30db9c14c31fa037c7b7c4671ff9088e81f545c
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
ffc8ffeddf87250354ca8e272bb91b963793a3367657b9f979a1d66d8dbd2e6b

www.online.ua Open in urlscan Pro 104.18.9.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

99 %HTTPS

82 %IPv6

15 Domains

25 Subdomains

23 IPs

6 Countries

1673 kBTransfer

4029 kBSize

18 Cookies

80 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.online.ua Open in urlscan Pro
104.18.9.233 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

99 %
HTTPS

82 %
IPv6

15
Domains

25
Subdomains

23
IPs

6
Countries

1673 kB
Transfer

4029 kB
Size

18
Cookies

154 HTTP transactions
5 data transactions