www.ukr.net Open in urlscan Pro
104.18.9.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukr.net/
Effective URL:
https://www.ukr.net/
Submission: On August 29 via manual (August 29th 2023, 6:08:20 am UTC) from IN — Scanned from DE

Summary HTTP 237 Redirects Links 290 Behaviour Indicators

Summary

This website contacted 51 IPs in 10 countries across 30 domains to perform 237 HTTP transactions. The main IP is 104.18.9.128, located in and belongs to CLOUDFLARENET, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 235340.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 7th 2023. Valid for: a year.

This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.8.128 104.18.8.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	104.18.9.128 104.18.9.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700::68... 2606:4700::6812:509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 8	212.42.75.253 212.42.75.253	8856 (UKRNET Kiev) (UKRNET Kiev)
2 2	212.42.75.249 212.42.75.249	8856 (UKRNET Kiev) (UKRNET Kiev)
4	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.42.73.60 212.42.73.60	8856 (UKRNET Kiev) (UKRNET Kiev)
3	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
8	212.42.76.151 212.42.76.151	8856 (UKRNET Kiev) (UKRNET Kiev)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
5	209.205.197.154 209.205.197.154	55081 (24SHELLS) (24SHELLS)
8	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2 5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1 2	185.239.172.77 185.239.172.77	55081 (24SHELLS) (24SHELLS)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	44.193.144.116 44.193.144.116	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	99.80.174.177 99.80.174.177	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:6a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2600:1f18:1ac... 2600:1f18:1aca:4281:e23d:b574:de50:7cc2	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
237	51

1 104.18.8.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.9.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zakladki.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6812:509 (United States)

ASN13335 (CLOUDFLARENET, US)

upst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.75.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com

accounts.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.75.249 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com

mail.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com

pinformer.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zfctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.205.197.154 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.239.172.77 (United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.144.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-144-116.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.174.177 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-174-177.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:6a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	647 KB
27	fwdcdn.com upst.fwdcdn.com — Cisco Umbrella Rank: 242854	396 KB
26	ukr.net 5 redirects ukr.net — Cisco Umbrella Rank: 85767 www.ukr.net — Cisco Umbrella Rank: 235340 zakladki.ukr.net accounts.ukr.net — Cisco Umbrella Rank: 212389 mail.ukr.net — Cisco Umbrella Rank: 147861 counter.ukr.net — Cisco Umbrella Rank: 176514	155 KB
22	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	280 KB
21	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	335 KB
14	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 914 static.adsafeprotected.com — Cisco Umbrella Rank: 632 dt.adsafeprotected.com — Cisco Umbrella Rank: 586	102 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9904 csm.eu.criteo.net — Cisco Umbrella Rank: 9439	40 KB
10	gstatic.com fonts.gstatic.com	146 KB
10	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 7514 ghb.adtelligent.com — Cisco Umbrella Rank: 6266 sync.adtelligent.com — Cisco Umbrella Rank: 3252	195 KB
8	sinoptik.ua pinformer.sinoptik.ua — Cisco Umbrella Rank: 212733	47 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 435 mug.criteo.com — Cisco Umbrella Rank: 2707 ads.eu.criteo.com — Cisco Umbrella Rank: 9359 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10517 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16830	52 KB
6	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3101 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	227 KB
4	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 45807	8 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	2 KB
2	trafmag.com trafmag.com — Cisco Umbrella Rank: 44404 t.trafmag.com — Cisco Umbrella Rank: 54683	4 KB
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 11063	1 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 54247	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	146 KB
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 3468
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 690	277 B
1	zfctrack.net s.zfctrack.net — Cisco Umbrella Rank: 476618	450 B
1	google.de www.google.de — Cisco Umbrella Rank: 6490	408 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 707864	170 B
1	mgid.com servicer.mgid.com — Cisco Umbrella Rank: 8906	3 KB
1	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 323057	709 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
237	30

	Domain	Requested by
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com tpc.googlesyndication.com www.ukr.net
27	upst.fwdcdn.com	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua
21	s0.2mdn.net	www.ukr.net s0.2mdn.net
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.ukr.net www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
10	dt.adsafeprotected.com	bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	2 redirects www.ukr.net securepubads.g.doubleclick.net bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
8	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com
8	pinformer.sinoptik.ua	www.ukr.net pinformer.sinoptik.ua
8	accounts.ukr.net	1 redirects upst.fwdcdn.com accounts.ukr.net www.ukr.net
8	www.ukr.net	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua static.cloudflareinsights.com
6	googleads.g.doubleclick.net	bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	www.google.com	2 redirects tpc.googlesyndication.com bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
5	bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
4	www.googleadservices.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
4	counter.ukr.net	www.ukr.net counter.ukr.net
4	go.rcvlink.com	www.ukr.net go.rcvlink.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
2	fonts.googleapis.com	tpc.googlesyndication.com
2	static.adsafeprotected.com	bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.ukr.net
2	imageproxy.eu.criteo.net	ads.eu.criteo.com
2	fw.adsafeprotected.com	1 redirects www.ukr.net
2	sync.adtelligent.com	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	a4p.adpartner.pro	1 redirects upst.fwdcdn.com
2	mail.ukr.net	2 redirects
2	player.adtcdn.com	www.ukr.net
2	www.googletagmanager.com	www.ukr.net www.googletagmanager.com
2	zakladki.ukr.net	www.ukr.net
2	ukr.net	2 redirects
1	rtb.fr3.eu.criteo.com	bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	cookies.nextmillmedia.com
1	t.trafmag.com
1	ap.lijit.com
1	ads.eu.criteo.com	bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
1	mug.criteo.com	www.ukr.net
1	s.zfctrack.net	www.ukr.net
1	www.google.de	www.ukr.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	loadercdn.net	www.ukr.net
1	servicer.mgid.com	upst.fwdcdn.com
1	trafmag.com	upst.fwdcdn.com
1	m.mixadvert.com	upst.fwdcdn.com
1	static.cloudflareinsights.com	www.ukr.net
237	53

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
rozetka.com.ua
proizd.ua
robota.ua
rst.ua
avtoprod.ua
avtosale.ua
osago.avtosale.ua
goroshina.ua
www.otpusk.ua
www.accordtour.com
gorod-plitki.com.ua
dom.ria.com
lun.ua
flatfy.ua
casada.ua
healthyway.com.ua
med-magazin.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
budpolimer.com
goodmax.com.ua
luxchrono.com.ua
artpotolok.kiev.ua
lascala.ua
work.ua
optima.school
layboard.com
grc.ua
optima.study
cutt.ly
buketland.com.ua
flowers.ua
hvosting.ua
nic.ua
rx-name.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
mixadvert.com
m.mixadvert.com
kinoafisha.ua
www.ukrinform.ua
hromadske.radio
ua.news
sprotyv.info
trueua.info
war.obozrevatel.com
www.rbc.ua
www.obozrevatel.com
dw.com
uatv.ua
focus.ua
ukragroconsult.com
ukranews.com
censor.net
nashigroshi.org
crimezone.in.ua
www.autocentre.ua
vechirniy.kyiv.ua
usionline.com
kurs.com.ua
flot2017.com
donpatriot.news
delo.ua
itvua.tv
kyiv.comments.ua
bigkyiv.com.ua
budport.com.ua
www.bagnet.org
biz.nv.ua
detector.media
rubryka.com
itechua.com
newsyou.info
speka.media
t4.com.ua
techno.nv.ua
mashyna.com.ua
autotheme.info
footballtransfer.com.ua
ukrbiathlon.com.ua
ua.tribuna.com
sportnews.com.ua
life.pravda.com.ua
zdorovia.com.ua
lady.kyiv.ua
dailynews.kyiv.ua
clutch.net.ua
tsn.ua
toneto.net
minprom.ua
u-news.com.ua
news24.in.ua
woman24.kyiv.ua
telegraf.com.ua
news.obozrevatel.com
enovosty.com
kriminal.tv
www.epochtimes.com.ua
novosti24.kyiv.ua
joy-pup.com
useti.org.ua
odnaminyta.com
sensatsiya.com
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
autoshini.com
transshina.com.ua
ukrguma.com.ua
kiaparts.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
www.aks.ua
sotnyk.net
helplist.io
www.facebook.com
dovidka.info
savelife.in.ua
shelter.dopomagai.org
bank.gov.ua
sprotyv.mod.gov.ua
klubnatura.pl
www.immobilienscout24.de
chytomo.com
zib.com.ua
www.bamf.de
www.ukrainetakeshelter.com
vogue.ua
life.nv.ua
t.me
upst.fwdcdn.com
trafmag.com
mgid.com
clck.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net

Subject Issuer	Validity	Valid
ukr.net Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
fwdcdn.com Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
adtcdn.com GTS CA 1P5	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.ukr.net Thawte TLS RSA CA G1	`2023-04-29` - `2024-03-29`	a year	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2022-09-25` - `2023-10-01`	a year	crt.sh
adpartner.pro R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
m.mixadvert.com R3	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-13` - `2024-06-13`	a year	crt.sh
player.adtelligent.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
loadercdn.net R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
s.zfctrack.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-17` - `2024-08-17`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.ukr.net/
Frame ID: 3F820780EC923E22D317C88DCA592A33
Requests: 72 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 0004EA78DE681B43024C97F3570B2F56
Requests: 6 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 910667AAD4818F664266BB7DDDEE4631
Requests: 4 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
Frame ID: E6BCC91B9698978D746506EEDC283B12
Requests: 13 HTTP requests in this frame

Frame: https://s.zfctrack.net/z
Frame ID: 0975D7500322078FBC2754894BE3A523
Requests: 1 HTTP requests in this frame

Frame: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F9A84F877773F174389A315E35FFD77
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Frame ID: A97511B21C5ABD14DB857FEA5275A3B8
Requests: 2 HTTP requests in this frame

Frame: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3523FA9ED20410083E924AFB8AA20871
Requests: 32 HTTP requests in this frame

Frame: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CBA3ED2C74378EC6C7A46AF555143336
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY7sCI6QEwAQ&v=APEucNXqeCLzt8MNn9kcJUTO26BLMNcagXadE_KBaTn7zlrpPdzdxmPoMI-sezXzwG-86C4ekQPiFAV2uKNDslQVRZjZQq737y5rH0cwgCimAQcBYRbDt3Li_1HnOBgp73AtMtK3ErDv4_gde-DU_K49u_OreogCISQpiFi-cJ0-8PgUqGKLY24
Frame ID: 709392F0683DC415D2472B78CD951BBF
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO2LSwAOEjwH_ZJLAASdfuJ3C9y9Rki5TDrloQ&u=%7C%2FBE37nCRpAZ%2Bo4m0II0pPr09ncRI2TyPwWfWLRRl%2BvM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866vrqzw9yBhgOO8Sxjg1P7jAQg8WY_JQZB8NAG9SvYDbLIiHz6rN5PkewXMHwVWPQqh8GwWZsxLX1bsUsc6HtVV0Z5SSkBpW84Y5K1INcuRtITffM-9RZXyiWLi8byx1j1sHfYVbfNcKuh4paFMN7JO46Hyb_Ga7yY_1uz9aV-EN6ulFHJlUTTD3QQ1G3PsTly8V0XmLbEdmLTzYg9ZMMHp_KivfWGhw7PpnyqJo7W_7N27fpC--n_G6k66OUF38Gaqc6qP8yJR8y_F8IzRdbxyTL2WAE0ZDEtMH4KDMNHMNqf3oGucOMLmNvGg9ck6V0JFpijGTzRnhvuaC5c95EKzGSGcY3OSZknv22n2o1YkfwGUt5HPo0Re8vChlu-JH8UWK1a6yv5DchTVyOxKNZG2BJu00jbrx8RifR-kyiTsMSlKIyy7RneWKXV5gYYnGTQIkL8WiusQrI-B-U3Un2PBNjk3DTDywzfS9pJWJkMmApHvukJAuAhmPG8wX2YpfJxhCcTkzqM0dmlN_FWYz2kAsiwWH7g-KIpZE61g6tDyKhXdMV_KRzJea-WlMZRHb9aO-ToNFKABSQHmNoys3olE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF4usS4vtZLykOMuk9u8P_rqS8ATJntKxXNX24taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDA1ODEzNDExODc5MDA2yAEJqQIaTNtWBC2yPuACAKgDAcgDAqoE-wFP0I_X71bx5TbTHBuLQMGubVLgr0Yg_3Qo0eDLRN8jdS0ZCBbZN_sNtY456SObI3iCPJ0uf2LxnmQNxG-gAebL7MX2BRGKMj0_8zrD1wt4r7k1ez9q2wO15IapBh-l9GVG6WH3mzKqmj8G2t_O4oGE5sqNN3CFplWMzVaPGda0JiyZO3oXKHi1IbgjlmLJLj07cSbDxopsddFh93p3aIAIVdbsORij0BjqDFbSK6hAztqso-tSaGFB6_l_G2so5DtPsz1d8No_lek9S_pHxfQAE0VruPLq3FnHHKjgmVNsp3sWnnQ-deSS8kYE54uCdKKjS5JEyS8VpMEVO-AEAYAG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LGhRQJghIc9Ut3OVcqMRrQm78CQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Frame ID: 3770A93EEE7425B2AA8DF21F1E418CBE
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE7E57B4EE476A201E28586628933BC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 160B31E49695A4C80761696512EA53E0
Requests: 2 HTTP requests in this frame

Frame: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B3E418E8872244DA405C3B8EAFD91F2
Requests: 9 HTTP requests in this frame

Frame: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 019A013B565C9D5229C0F168316ED2FD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59F1F65A679CA1F3E132F9499C494C6A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
Frame ID: 245916010F7B46FAD2DF9D7B60874F97
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 037F53B20FD44BFBA8C269ACE916EEBD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html
Frame ID: BDADC3D659E444FD62257E17CCD723FB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C57DFC1D4C08D03A19687C5DD248999C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html
Frame ID: 7ACF91D4B92624C9D4E1DC46151F8BD1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EFCCC81A9252E42106119D7214113A16
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

237
Requests

96 %
HTTPS

50 %
IPv6

30
Domains

53
Subdomains

51
IPs

10
Countries

2790 kB
Transfer

7141 kB
Size

39
Cookies

290 Outgoing links

These are links going to different origins than the main page.

URL: http://ua.sinoptik.ua/?utm_source=ukr.net&utm_medium=main_page&utm_campaign=main_izbrannoe
Title: Sinoptik

Search URL Search Domain Scan URL

URL: http://orakul.com/
Title: Оракул

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=375206
Title: Booking

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukr_net_main&utm_medium=banner_logo&utm_campaign=logo_main
Title: Rozetka

Search URL Search Domain Scan URL

URL: https://proizd.ua/
Title: Proizd.ua

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpm&utm_campaign=logo
Title: Robota.ua

Search URL Search Domain Scan URL

URL: http://rst.ua/
Title: Машини продають на сайтi RST

Search URL Search Domain Scan URL

URL: https://avtoprod.ua/
Title: Продати авто на AVTOPROD.ua

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/
Title: Avtosale - автосалони України

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/insurance/osago
Title: Кращі ціни на автоцивілку

Search URL Search Domain Scan URL

URL: https://goroshina.ua/
Title: Шинний центр ГороШина

Search URL Search Domain Scan URL

URL: http://www.otpusk.ua/?utm_source=ukr.net&utm_medium=cpc&utm_content=general&utm_campaign=ukr.net
Title: 100% турів на Otpusk.ua

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/avtobusni_tury_plyazh_i_more
Title: Тури на море, відпочинок

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=338493
Title: Booking - бронювання житла

Search URL Search Domain Scan URL

URL: https://gorod-plitki.com.ua/ua/
Title: Магазин "Місто плитки" м. Київ

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/novostroyki/?withoutHeader=1&utm_source=ukrnet&utm_medium=clikukrnet_newbuilds&utm_campaign=newbuildings&r_audience=partners_buyers&r_source=ukr.net&r_medium=link&r_campaign=clikukrnet
Title: DOM.RIA - новобудови України

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН - Всі новобудови

Search URL Search Domain Scan URL

URL: https://flatfy.ua/
Title: FLATFY - Квартири шукай

Search URL Search Domain Scan URL

URL: https://casada.ua/massazhnye-kresla-uk
Title: Масажні крісла Casada

Search URL Search Domain Scan URL

URL: http://healthyway.com.ua/uk/yak-zmicniti-imunitet-2/
Title: Як зміцнити імунітет

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmedtovary
Title: Медичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3idlh7f
Title: Ортопедичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3nKOLeo
Title: Пульсоксиметри

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmainpage&utm_campaign=medmag
Title: Товари для здоров'я

Search URL Search Domain Scan URL

URL: http://doctoronline.care/
Title: Безкоштовні консультації лікарів

Search URL Search Domain Scan URL

URL: https://viveohealth.com/
Title: Онлайн консультації лікарів

Search URL Search Domain Scan URL

URL: https://teplo.app/
Title: Допомога психологів

Search URL Search Domain Scan URL

URL: https://budpolimer.com/?utm_source=ukr.net
Title: Господарські товари

Search URL Search Domain Scan URL

URL: https://goodmax.com.ua/uk/catalog/87-schetchiki-dlya-vody
Title: Лічильники води Goodmax

Search URL Search Domain Scan URL

URL: http://luxchrono.com.ua/
Title: Годинники і прикраси Люксхроно

Search URL Search Domain Scan URL

URL: https://artpotolok.kiev.ua/raschet-stoimosti/
Title: Стелі Art Decor

Search URL Search Domain Scan URL

URL: http://lascala.ua/index.php?utm_source=ukr_netdom&utm_medium=link&utm_campaign=ukr_netdom
Title: Постільна білизна 1+1=3

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=rozetka
Title: Магазин електронiки

Search URL Search Domain Scan URL

URL: http://work.ua/?utm_source=ukr.net&utm_medium=advert&utm_campaign=main_rabota
Title: WORK.ua – №1 в Україні

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpc&utm_campaign=link
Title: ROBOTA.ua - перевірені вакансії

Search URL Search Domain Scan URL

URL: https://optima.school/?utm_source=ukrnetLink&utm_medium=cpm&utm_campaign=workgr&utm_term=ukrnetLink
Title: Дистанційна освіта 1-11 клас

Search URL Search Domain Scan URL

URL: https://layboard.com/ua
Title: Робота за кордоном - Layboard

Search URL Search Domain Scan URL

URL: http://grc.ua/?utm_source=ukrnet&utm_medium=link&utm_campaign=main_page
Title: GRC.ua-робота професіоналам

Search URL Search Domain Scan URL

URL: https://optima.study/
Title: Курси для дітей і дорослих

Search URL Search Domain Scan URL

URL: https://cutt.ly/1B0Kz3E
Title: Курси програмування

Search URL Search Domain Scan URL

URL: https://buketland.com.ua/
Title: Квіти - BuketLand

Search URL Search Domain Scan URL

URL: http://flowers.ua/
Title: Flowers-доставка квiтів

Search URL Search Domain Scan URL

URL: https://orakul.com/num/
Title: Нумерологічний прогнози

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/vsi_avtobusni_tury
Title: Автобусні тури в Європу

Search URL Search Domain Scan URL

URL: http://hvosting.ua/
Title: Домени і Хостинг Hvosting.ua

Search URL Search Domain Scan URL

URL: http://nic.ua/
Title: NIC.ua - домени і хостинг

Search URL Search Domain Scan URL

URL: https://rx-name.ua/domains/tld/com.ua
Title: Домен com.ua 250 ₴ rx-name

Search URL Search Domain Scan URL

URL: http://internetua.com/
Title: СМИ - InternetUA

Search URL Search Domain Scan URL

URL: https://sport.ua/football?utm_source=ukrnet-mainpage&utm_medium=ukrnet-link
Title: Футбол на Спорт.ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/
Title: Великий теніс України

Search URL Search Domain Scan URL

URL: http://rada.gov.ua/
Title: Верховна Рада України

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/
Title: Президент України

Search URL Search Domain Scan URL

URL: https://court.gov.ua/
Title: Прес-центр судової влади

Search URL Search Domain Scan URL

URL: https://www.kmu.gov.ua/
Title: Кабінет Міністрів України

Search URL Search Domain Scan URL

URL: http://www.bank.gov.ua/
Title: Нацбанк

Search URL Search Domain Scan URL

URL: http://igov.org.ua/
Title: iGov - портал державних послуг

Search URL Search Domain Scan URL

URL: https://covid19.com.ua/
Title: Відомості про коронавірус

Search URL Search Domain Scan URL

URL: https://adp.digital/ap-landings/2/publisher.php?utm_source=own_promo&utm_medium=unit&utm_campaign=adpartner

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6513/3235595/e5d471f4-deda-4e7e-9583-a2ed48c387e6?data=eyJjcmVhdGVkX2F0IjoxNjkzMjg5MjkxLCJzaG93X2lkIjoiZTVkNDcxZjQtZGVkYS00ZTdlLTk1ODMtYTJlZDQ4YzM4N2U2IiwiYWRfdW5pdF9pZCI6NjUxMywicnVsZV9pZCI6MCwiYWRfaWQiOjMyMzU1OTUsImRhdGFfc291cmNlIjoiYXBwLWhiLXBsLTIwOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImQ5ZjhmNWU2LTQyNmEtNGVjOS1hNjdiLWU3OWIwNzRmOWQwYSIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=ec967f6e5f993542fd3b5b0f573f07f0

Search URL Search Domain Scan URL

URL: https://mixadvert.com/

Search URL Search Domain Scan URL

URL: https://m.mixadvert.com/go/?h=f3e72cae116ee836d602b5360430c173&t=444319&b=1559

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/yak-stati-krutelikom?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%B0%D0%BA+%D1%81%D1%82%D0%B0%D1%82%D1%8C+%D0%BA%D1%80%D1%83%D1%82%D1%8B%D0%BC
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pacya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D1%80%D0%BE%D1%81%D0%B5%D0%BD%D0%BE%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/stihii?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%82%D0%B8%D1%85%D0%B8%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/missiya-nevpolnima-smertelnaya-rasplata-cast-1?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%81%D1%81%D0%B8%D1%8F+%D0%BD%D0%B5%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BC%D0%B0%3A+%D0%A0%D0%B0%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%B0.+%D0%A7%D0%B0%D1%81%D1%82%D1%8C+1
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/oppengeimer?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D0%BF%D0%BF%D0%B5%D0%BD%D0%B3%D0%B5%D0%B9%D0%BC%D0%B5%D1%80
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/zal-zn-meteliki?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%96%D0%B5%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5+%D0%B1%D0%B0%D0%B1%D0%BE%D1%87%D0%BA%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/cverh-estestvennoe?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B2%D0%B5%D1%80%D1%85%D1%8A%D0%B5%D1%81%D1%82%D0%B5%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/spider-man-across-the-spider-verse-part-one?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A7%D0%B5%D0%BB%D0%BE%D0%B2%D0%B5%D0%BA-%D0%BF%D0%B0%D1%83%D0%BA%3A+%D1%81%D0%BA%D0%B2%D0%BE%D0%B7%D1%8C+%D0%B2%D1%81%D0%B5%D0%BB%D0%B5%D0%BD%D0%BD%D1%83%D1%8E
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/ostannya-podoroj-demetra?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B5%D0%B5+%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B5+%22%D0%94%D0%B5%D0%BC%D0%B5%D1%82%D1%80%D0%B0%22
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/veresen?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%B5%D1%80%D0%B5%D1%81%D0%B5%D0%BD%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/govori-do-mene?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%93%D0%BE%D0%B2%D0%BE%D1%80%D0%B8+%D1%81%D0%BE+%D0%BC%D0%BD%D0%BE%D0%B9
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/barbi?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D0%B0%D1%80%D0%B1%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/vdplata-doroga-pomsti?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%BE%D0%B7%D0%BC%D0%B5%D0%B7%D0%B4%D0%B8%D0%B5%3A+%D0%B4%D0%BE%D1%80%D0%BE%D0%B3%D0%B0+%D0%BC%D0%B5%D1%81%D1%82%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/indiana-djons-5?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BD%D0%B4%D0%B8%D0%B0%D0%BD%D0%B0+%D0%94%D0%B6%D0%BE%D0%BD%D1%81+%D0%B8+%D1%80%D0%B5%D0%BB%D0%B8%D0%BA%D0%B2%D0%B8%D1%8F+%D1%81%D1%83%D0%B4%D1%8C%D0%B1%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/p-dl-tki-mutanti-cerepashki-n-ndzya-pogrom-mutant-v?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%B8+-+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D1%8B+%D0%A7%D0%B5%D1%80%D0%B5%D0%BF%D0%B0%D1%88%D0%BA%D0%B8-%D0%BD%D0%B8%D0%BD%D0%B4%D0%B7%D1%8F%3A+%D0%9F%D0%BE%D0%B3%D1%80%D0%BE%D0%BC+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D0%BE%D0%B2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/prigodi-arah-su-ta-porosya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D1%80%D0%B8%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D1%8F+%D0%90%D1%80%D0%B0%D1%85%D0%B8%D1%81%D0%B0+%D0%B8+%D0%BF%D0%BE%D1%80%D0%BE%D1%81%D0%B5%D0%BD%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/slabacska?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%BB%D0%B0%D0%B1%D0%B0%D1%87%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/sinii-juk?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B8%D0%BD%D0%B8%D0%B9+%D0%B6%D1%83%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/straji-galaktiki-3?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%82%D1%80%D0%B0%D0%B6%D0%B8+%D0%93%D0%B0%D0%BB%D0%B0%D0%BA%D1%82%D0%B8%D0%BA%D0%B8+3
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/nterv-ua-z-vamp-rom?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%B2%D1%8C%D1%8E+%D1%81+%D0%B2%D0%B0%D0%BC%D0%BF%D0%B8%D1%80%D0%BE%D0%BC
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/gran-turizmo?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%93%D1%80%D0%B0%D0%BD+%D0%A2%D1%83%D1%80%D0%B8%D0%B7%D0%BC%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mavka-lesnaya-pesnya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D0%B2%D0%BA%D0%B0.+%D0%9B%D0%B5%D1%81%D0%BD%D0%B0%D1%8F+%D0%BF%D0%B5%D1%81%D0%BD%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/odnagdi-v-bryugge?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%97%D0%B0%D0%BB%D0%B5%D1%87%D1%8C+%D0%BD%D0%B0+%D0%B4%D0%BD%D0%BE+%D0%B2+%D0%91%D1%80%D1%8E%D0%B3%D0%B3%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/meg-2?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B5%D0%B3+2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kudlat-perc?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9B%D0%BE%D1%85%D0%BC%D0%B0%D1%82%D1%8B%D0%B5+%D0%BF%D0%B5%D1%80%D1%86%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/zv-rotacski?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%97%D0%B2%D0%B5%D1%80%D0%BE%D1%82%D0%B0%D1%87%D0%BA%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/m-s-ya-na-dvoh?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%81%D1%81%D0%B8%D1%8F+%D0%BD%D0%B0+%D0%B4%D0%B2%D0%BE%D0%B8%D1%85
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/best-erotic-shorts-4?utm_source=ukr.net&utm_medium=informer&utm_campaign=Best+Erotic+Shorts+-+4
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/dovbush?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D0%BE%D0%B2%D0%B1%D1%83%D1%88
Title: купити квитки

Search URL Search Domain Scan URL

URL: http://avtosale.ua/?utm_source=ukr.net&utm_medium=Logo&utm_campaign=informers

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=954&utm_source=ukr.net&utm_medium=Hyundai_I10&utm_campaign=informers&CarCommercial=2
Title: 377 300 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=32971&utm_source=ukr.net&utm_medium=Ford_Tourneo_custom&utm_campaign=informers&CarCommercial=2
Title: 2 068 853 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5201&utm_source=ukr.net&utm_medium=Renault_Koleos&utm_campaign=informers&CarCommercial=2
Title: 751 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=2237&utm_source=ukr.net&utm_medium=Ford_Kuga&utm_campaign=informers&CarCommercial=2
Title: 1 169 845 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=936&utm_source=ukr.net&utm_medium=Hyundai_Santa_fe&utm_campaign=informers&CarCommercial=2
Title: 1 265 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=16977&utm_source=ukr.net&utm_medium=Renault_Duster&utm_campaign=informers&CarCommercial=2
Title: 658 700 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=32630&utm_source=ukr.net&utm_medium=Renault_Sandero_stepway&utm_campaign=informers&CarCommercial=2
Title: 437 100 грн

Search URL Search Domain Scan URL

URL: https://www.ukrinform.ua/rubric-economy/3754289-pivdenna-korea-zbilsit-dopomogu-ukraini-do-majze-400-miljoniv.html
Title: Південна Корея збільшить допомогу Україні до майже $400 мільйонів

Search URL Search Domain Scan URL

URL: https://hromadske.radio/news/2023/08/29/530-rosiyskykh-okupantiv-likviduvaly-v-ukraini-za-dobu-henshtab-5/
Title: 530 російських окупантів ліквідували в Україні за добу — Генштаб

Search URL Search Domain Scan URL

URL: https://ua.news/ua/world/premer-ministr-yaponii-anonsiroval-peregovory-s-zelenskim
Title: Прем'єр-міністр Японії анонсував переговори із Зеленським

Search URL Search Domain Scan URL

URL: https://sprotyv.info/news/kupyanskij-napryamok-okupanti-zvodyat-minni-zagorodzhennya-vzdovzh-rosijskogo-kordonu/
Title: Куп’янський напрямок: окупанти зводять мінні загородження вздовж російського кордону

Search URL Search Domain Scan URL

URL: https://trueua.info/news/genshtab-povidomiv-pro-uspih-zsu-poblizu-novogo-naselenogo-punktu-na-pivdni
Title: Генштаб повідомив про успіх ЗСУ поблизу нового населеного пункту на Півдні

Search URL Search Domain Scan URL

URL: https://ua.news/ua/world/pid-pryvodom-navchan-rosijskyh-vijsk-u-bilorusi-mozhe-pobilshaty
Title: Під приводом навчань: російських військ у Білорусі може побільшати

Search URL Search Domain Scan URL

URL: https://war.obozrevatel.com/ukr/zsu-zitknulisya-z-nizkoyu-problem-pri-kontrnastupi-na-pivdni-ale-zvilnennya-robotinogo-vidkrivae-novi-perspektivi-cnn.htm
Title: ЗСУ зіткнулися з низкою проблем при контрнаступі на півдні, але звільнення Роботиного відкриває нові перспективи – CNN

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/news/naybidnishih-zhiteliv-rosiyi-zamanyuyut-viynu-1693288652.html
Title: Найбідніших жителів Росії заманюють на війну високими зарплатами, - британська розвідка

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/ekonomika-glavnaya/analytics-and-forecasts/rosijski-shahedi-ta-inshi-droni-vigotovleni-z-importnih-detalej-sered-virobnikiv-e-kraini-nato.htm
Title: Російські "шахеди" та інші дрони виготовлені з імпортних деталей: серед виробників є країни НАТО

Search URL Search Domain Scan URL

URL: https://ua.news/ua/world/konkurent-trampa-hochet-otdat-rossii-okkupirovannye-territorii-ukrainy
Title: Конкурент Трампа хоче «віддати» росії окуповані території України

Search URL Search Domain Scan URL

URL: https://dw.com/p/4VgMk?maca=ukr-rss-ukrnet-ukr-all-3816-xml
Title: Президентка Угорщини закликала Україну до переговорів з РФ

Search URL Search Domain Scan URL

URL: https://uatv.ua/uk/ukrayinskyj-kontrnastup-maye-chastkovyj-uspih-otsinka-milli/
Title: Український контрнаступ має частковий успіх — оцінка Міллі

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/voennye-novosti/588824-atacms-i-taurus-budut-reznikov-anonsuvav-peredavannya-ukrajini-dalekobiynih-raket
Title: "ATACMS і Taurus — будуть": Резніков анонсував передавання Україні далекобійних ракет

Search URL Search Domain Scan URL

URL: https://ukragroconsult.com/news/na-dnipropetrovshhyni-zavershyly-zbyralnu-kampaniyu-rannih-kultur/
Title: На Дніпропетровщині завершили збиральну кампанію ранніх культур

Search URL Search Domain Scan URL

URL: https://ukranews.com/ua/news/952509-za-programoyu-yeoselya-vydano-2-7-tys-ipotechnyh-kredytiv-na-3-8-mlrd-gryven
Title: За програмою "єОселя" видано 2,7 тис. іпотечних кредитів на 3,8 млрд гривень

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/economics/588828-vid-5-do-30-tisyach-griven-hto-z-ukrayinciv-mozhe-otrimati-dodatkovi-viplati
Title: Від 5 до 30 тисяч гривень: хто з українців може отримати додаткові виплати

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3440169/ponad_57_tysyach_posadovtsiv_podaly_deklaratsiyi_za_tyjden_nazk
Title: Понад 5,7 тисяч посадовців подали декларації за тиждень, - НАЗК

Search URL Search Domain Scan URL

URL: https://nashigroshi.org/2023/08/29/ukrzaliznytsia-zasekretyla-tsiny-lytva-na-177-mln-vid-zavodu-kolomoys-koho/
Title: «Укрзалізниця» засекретила ціни литва на 177 млн від заводу Коломойського

Search URL Search Domain Scan URL

URL: https://crimezone.in.ua/podiji/18265-na-harkivschini-voyenkom-narahuvav-680-tis-grn-svojij-znajomij-jaka-navit-ne-sluzhila-v-zsu.html
Title: На Харківщині воєнком нарахував 680 тис. грн своїй знайомій, яка навіть не служила в ЗСУ

Search URL Search Domain Scan URL

URL: https://www.autocentre.ua/ua/news/avtobus-s-ukraintsami-popal-v-avariyu-v-rumynii-emu-sneslo-chast-kryshi-foto-i-video-1460153.html
Title: Автобус із українцями потрапив в аварію у Румунії – йому знесло частину даху (фото та відео)

Search URL Search Domain Scan URL

URL: https://vechirniy.kyiv.ua/news/87534/
Title: Підробляла діагнози мобілізованим: у Києві затримали працівницю ВЛК

Search URL Search Domain Scan URL

URL: https://usionline.com/avtobus-odesa-konstantsa-vletiv-v-obmezhuvach-vysoty-bahato-poranenykh/
Title: Автобус Одеса – Констанца влетів в обмежувач висоти – багато поранених

Search URL Search Domain Scan URL

URL: https://kurs.com.ua/novost/1081783-v-germanii-deputat-narisoval-svastiku-na-avto-ukraincev-ego-oshtrafovali?source=ukrnet
Title: У Німеччині депутат намалював свастику на авто українців, його оштрафували

Search URL Search Domain Scan URL

URL: https://flot2017.com/po-standartam-nato-genshtab-soobshhil-o-zavershenii-obucheniya-voennyh-v-polshe/
Title: По стандартам НАТО: Генштаб сообщил о завершении обучения военных в Польше

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/novosti-obschestvo/ochikuemo-poyasnen-glava-ugkts-vidreaguvav-na-zayavu-papi-rimskogo-pro-veliku-rosiyu-i-zrobiv-zasterezhennya.htm
Title: "Очікуємо пояснень": глава УГКЦ відреагував на заяву Папи Римського про "велику Росію" і зробив застереження

Search URL Search Domain Scan URL

URL: https://ua.news/ua/ukraine/pogibshim-na-zhitomirshhine-pilotam-prisvoeny-voinskie-zvaniya
Title: Загиблим на Житомирщині пілотам присвоєно військові звання

Search URL Search Domain Scan URL

URL: https://donpatriot.news/article/u-mon-pripuskayut-scho-v-ukrayini-byudzhetne-navchannya-stane-grantovim
Title: У МОН припускають, що в Україні бюджетне навчання стане грантовим

Search URL Search Domain Scan URL

URL: https://delo.ua/politics/u-kremli-zatverdili-tematiku-novogo-etapu-informaciinoyi-viini-proti-ukrayini-shho-pridumali-propagandisti-423157/
Title: У Кремлі затвердили тематику нового етапу інформаційної війни проти України: що придумали пропагандисти

Search URL Search Domain Scan URL

URL: https://itvua.tv/news/v-irpinskomu-litsei-3-pershyy-dzvonyk-vidznachat-onlayn/
Title: В Ірпінському ліцеї №3 Перший дзвоник відзначать онлайн

Search URL Search Domain Scan URL

URL: https://kyiv.comments.ua/ua/news/society/developments/19885-u-kiivskiy-oblasti-zbuduyut-velichezniy-promisloviy-ob-ekt-detali.html?utm_source=ukrnet&utm_medium=ukrnet2
Title: У Київській області збудують величезний промисловий об'єкт: деталі

Search URL Search Domain Scan URL

URL: https://bigkyiv.com.ua/chotyry-lyudyny-postrazhdaly-u-dtp-zi-shvydkoyu-u-bilij-czerkvi-foto/
Title: Чотири людини постраждали у ДТП зі швидкою у Білій Церкві (фото)

Search URL Search Domain Scan URL

URL: https://budport.com.ua/news/27318-akustichniy-park-zamist-pamyatnika-zoj-kosmodemyanskiy-predstavleno-proyekt-oblashtuvannya-gromadskogo-prostoru-u-kiyevi
Title: Акустичний парк замість пам'ятника Зої Космодем’янській: представлено проєкт облаштування громадського простору у Києві

Search URL Search Domain Scan URL

URL: https://www.bagnet.org/news/kiev/1353582/u-tsentri-kieva-zgoriv-starovinniy-budinok-video
Title: У центрі Києва згорів старовинний будинок

Search URL Search Domain Scan URL

URL: https://internetua.com/yak-pereviriti-sxo-vash-telefon-ne-prosluhovuuat-dekilka-nadiinih-metodiv
Title: Як перевірити, що ваш телефон не прослуховують: декілька надійних методів

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech/arm-podav-zayavku-na-provedennya-ipo-na-nasdaq-ostanni-novini-50349643.html
Title: Розробник чіпів Arm подав заявку на проведення IPO

Search URL Search Domain Scan URL

URL: https://detector.media/infospace/article/216119/2023-08-29-chy-zlamaly-signal-ta-yak-ubezpechyty-sebe-vid-ryzykiv/
Title: Чи зламали Signal, та як убезпечити себе від ризиків?

Search URL Search Domain Scan URL

URL: https://rubryka.com/2023/08/29/dron-velykyj-banderyk/
Title: Рішення для перемоги: у військових на фронті зявився новий дрон “Великий Бандерик”

Search URL Search Domain Scan URL

URL: https://itechua.com/smartphones/230564
Title: Експерти розповіли, чому варто дочекатися iPhone 16 замість купівлі iPhone 15

Search URL Search Domain Scan URL

URL: https://internetua.com/tayemnicua-rozkrito-vcseni-rozpovili-de-roztashovano-naibilshe-zapasiv-zolota
Title: Таємницю розкрито: вчені розповіли, де розташовано найбільше запасів золота

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/vcheni-vpershe-zmusili-ceglu-rozpovisti-pro-roslinnist-starodavnogo-svitu
Title: Вчені вперше змусили цеглу “розповісти” про рослинність Стародавнього світу

Search URL Search Domain Scan URL

URL: https://speka.media/indiya-planuje-zapusk-misiyi-aditya-l1-dlya-doslidzennya-soncya-de-ta-koli-divitisya-start-plr7dp
Title: Індія планує запуск місії Aditya-L1 для дослідження Сонця: де та коли дивитися старт

Search URL Search Domain Scan URL

URL: https://t4.com.ua/science/v-avstraliyi-pomityly-ridkisnu-hodyachu-rybu/
Title: В Австралії помітили рідкісну ходячу рибу

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience/amerikanski-fiziki-vikoristali-teoremu-nyutona-i-vidkrili-novi-vlastivosti-svitla-novini-50349461.html
Title: Допомогли Ньютон і Гюйгенс. У США використали теорему 350-річної давнини, щоб знайти нові властивості світла

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/styler/1-veresnya-minyayutsya-umovi-peretinu-kordonu-1693236869.html
Title: З 1 вересня міняються умови перетину кордону: що треба знати водіям

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/eksperti-nazvali-2-kompaktni-krosoveri-yaki-krashhe-ne-kupuvati-na-vtorinnomu-rinku
Title: Експерти назвали 2 компактні кросовери, які краще не купувати на вторинному ринку

Search URL Search Domain Scan URL

URL: https://mashyna.com.ua/uk/auto/article/219181
Title: 7 найкращих авто, які можна купити в Україні за 1000 доларів: транспорт за ціною iPhone

Search URL Search Domain Scan URL

URL: https://autotheme.info/news/202141-nedorogo-i-suchasno-ukrayintsyam-prezentuvali-novu-deshevu-tavriyu.html
Title: Недорого і сучасно: українцям презентували нову дешеву Таврію

Search URL Search Domain Scan URL

URL: https://t4.com.ua/trans/nazvano-5-pomylok-vodiyiv-yaki-shvydko-vbyvayut-avto/
Title: Названо 5 помилок водіїв, які швидко вбивають авто

Search URL Search Domain Scan URL

URL: http://footballtransfer.com.ua/ua/news-120305.html
Title: Русин - про трансфер в Сандерленд

Search URL Search Domain Scan URL

URL: https://ukrbiathlon.com.ua/25471/sport/rizik-vtratiti-lidera-zirka-zbirno%d1%97-ukra%d1%97ni-virushiv-za-kordon-na-medobstezhennya/
Title: Ризик втратити лідера: зірка збірної України вирушив за кордон на медобстеження

Search URL Search Domain Scan URL

URL: https://ua.tribuna.com/uk/football/1000000091379-vitalij-vernidub-v-plany-krivbassa-ne-vxodit-rasstavanie/
Title: Віталій Вернидуб: «У плани «Кривбасу» не входить розставання з нашими лідерами»

Search URL Search Domain Scan URL

URL: http://sport.ua/uk/news/639767-hirn-otsiniv-skandalniy-udar-dyubua-v-boyu-z-usikom
Title: Хірн оцінив скандальний удар Дюбуа в бою з Усиком

Search URL Search Domain Scan URL

URL: https://sportnews.com.ua/81093/veteran-dinamo-nezabarom-perejde-do-yevropejskogo-klubu/2023/08/29/
Title: Ветеран Динамо незабаром перейде до європейського клубу

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/health/2023/08/29/256202/
Title: Як сформувати здорові харчові звички в школяра: 7 кроків

Search URL Search Domain Scan URL

URL: http://zdorovia.com.ua/harchuvannja/62234perevagi-vidmovi-vid-soli.html
Title: Переваги відмови від солі

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/medik-rozpovila-chim-ne-varto-zbivati-temperaturu-dityam
Title: Медик розповіла, чим не варто збивати температуру дітям

Search URL Search Domain Scan URL

URL: https://lady.kyiv.ua/zdorov-ya/zalezhit-vid-chasu-dobi-likari-rozpovili-koli-pravilno-prijmati-vitamini/
Title: Залежить від часу доби: лікарі розповіли, коли правильно приймати вітаміни

Search URL Search Domain Scan URL

URL: https://dailynews.kyiv.ua/zdorov-ya/nezvichajni-prichini-molochnitsi/
Title: Незвичайні причини молочниці

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/andrij-xlivnyuk-potroliv-solista-rosijskogo-gurtu-zveri-romu-bilika
Title: Андрій Хливнюк потролив соліста російського гурту “Звери” Рому Білика

Search URL Search Domain Scan URL

URL: https://clutch.net.ua/uk/showbiz/92136-anna-koshmal-prokommentirovala-sluhi-o-razvode-s-muzhem-ya-schitayu-chto-zhenshchina
Title: Анна Кошмал прокоментувала чутки про розлучення з чоловіком: "Я вважаю, що жінка..."

Search URL Search Domain Scan URL

URL: https://tsn.ua/lady/news/show-biznes/u-chervonomu-mini-ta-myulyah-na-shpilci-efektna-geyli-biber-v-ob-yektivah-paparaci-v-nyu-yorku-2399362.html
Title: У червоному міні та мюлях на шпильці: ефектна Гейлі Бібер в об'єктивах папараці в Нью-Йорку

Search URL Search Domain Scan URL

URL: https://detector.media/infospace/article/216120/2023-08-29-istorychnyy-ekshn-dovbush-zibrav-87-milyoniv-gryven-za-pershyy-vikend-prokatu/
Title: Історичний екшн «Довбуш» зібрав 8,7 мільйонів гривень за перший вікенд прокату

Search URL Search Domain Scan URL

URL: https://toneto.net/news/kultura/stvoreno-v-ki--v----beyonse-zapalila-na-stsen---v-eksklyuzivnomu-vbrann---transformer---v--d-frolova
Title: Бейонсе запалила на сцені в ексклюзивному вбранні-трансформері від українського бренду

Search URL Search Domain Scan URL

URL: https://tsn.ua/svit/u-kremli-gotuyutsya-do-novogo-potenciynogo-viyskovogo-zakolotu-roszmp-2399368.html
Title: У Кремлі готуються до нового потенційного військового заколоту - росЗМП

Search URL Search Domain Scan URL

URL: https://toneto.net/news/kultura/ros--yani-zayavili--shcho-zbili--ukra--nskiy-bezp--lotnik--na-b--lgorodshchin--
Title: Росіяни заявили, що збили "український безпілотник" на Бєлгородщині

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/worldfun/588830-ya-pochuv-krik-perehozhiy-spiymav-malenku-divchinku-yaka-vipala-z-5-poverhu-foto
Title: "Я почув крик": перехожий спіймав маленьку дівчинку, яка випала з 5 поверху (фото)

Search URL Search Domain Scan URL

URL: https://minprom.ua/news/300544.html
Title: Німецька AGI побудує у Індонезії завод з виробництва зеленого водню

Search URL Search Domain Scan URL

URL: https://internetua.com/putin-vidmovivsya-poyihati-na-samit-g20-u-indiyi
Title: Путін відмовився поїхати на саміт G20 у Індії

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/spojleri-2024-roku-rosijske-posolstvo-viznalo-krim-ukra%d1%97nskim-u-merezhi-smiyutsya
Title: “Спойлери 2024 року”: російське посольство визнало Крим українським, у мережі сміються

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/154003-spravzhnii-patriot-ta-krasunchyk-kremivski-boty-khvalyly-kadyrova-pid-postom-prokadyk.html
Title: Справжній патріот та красунчик: кремлівські боти хвалили Кадирова під постом про кадик

Search URL Search Domain Scan URL

URL: https://internetua.com/u-braziliyi-velicsezna-anakonda-zablokuvala-ruh-na-trasi
Title: У Бразилії величезна анаконда заблокувала рух на трасі

Search URL Search Domain Scan URL

URL: https://news24.in.ua/lifestyle/merezhu-rozsmishilo-koshenya-yake-nalyakalo-svo%d1%97x-gospodariv-video.html
Title: Мережу розсмішило кошеня, яке налякало своїх господарів (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://woman24.kyiv.ua/hobi/dumayu-skorotiti-svoye-rezyume-do-frazi-top-za-svoyi-groshi-kumedni-zharti-pro-spivbesidi-na-robotu-foto/
Title: Думаю скоротити своє резюме до фрази “Топ за свої гроші”: кумедні жарти про співбесіди на роботу (ФОТО)

Search URL Search Domain Scan URL

URL: https://telegraf.com.ua/ukr/tehnologii/2023-08-29/5806220-osoblivi-avto-dlya-zsu-yak-bagi-dopomagayut-ukrainskim-zakhisnikam-foto-video?traffic_source=ukr.net
Title: Особливі авто для ЗСУ: як багі допомагають українським захисникам (фото, відео)

Search URL Search Domain Scan URL

URL: https://news24.in.ua/kurjozi/25-chudovix-fotografij-zroblenix-z-visoti-ptashinogo-polotu.html
Title: 25 чудових фотографій, зроблених з висоти пташиного польоту

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/dzhennifer-lourens-vijshla-na-progulyanku-iz-sinom-u-vizku-foto
Title: Дженніфер Лоуренс вийшла на прогулянку із сином у візку (фото)

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/ne-dozhiv-dva-misyatsi-do-zavershennya-sluzhbi-u-boyah-za-ukrainu-zaginuv-voin-iz-prikarpattya-yakij-pishov-na-front-dobrovoltsem-foto.htm
Title: Не дожив два місяці до завершення служби: у боях за Україну загинув воїн із Прикарпаття, який пішов на фронт добровольцем. Фото

Search URL Search Domain Scan URL

URL: https://enovosty.com/uk/news-ukr/news_kiev-ukr/full/2908-vidrazu-4-elitni-mashini-zyavilisya-podrobici-dtp-iz-dasheyu-kvitkovoyu
Title: Відразу 4 елітні машини: з'явилися подробиці ДТП із Дашею Квітковою

Search URL Search Domain Scan URL

URL: https://kriminal.tv/news/ukrajinski_vijskovi_pokazali_tankovu_zachistku_okupantiv_pid_bahmutom_video.html
Title: Українські військові показали танкову зачистку окупантів під Бахмутом: відео

Search URL Search Domain Scan URL

URL: https://internetua.com/ukrayinski-viiskovi-vpershe-znisxili-ridkisnu-rosiisku-svet-ku-u-tilu-voroga-video-
Title: Українські військові вперше знищили рідкісну російську "Свет-КУ" у тилу ворога (відео)

Search URL Search Domain Scan URL

URL: https://www.epochtimes.com.ua/novyny-suspilstva/velykobrytaniya-ogolosyla-pro-obovyazkove-dovichne-uvyaznennya-dlya-nayzhorstokishyh-vbyvc-video-153598
Title: Великобританія оголосила про обов'язкове довічне ув'язнення для "найжорстокіших" вбивць (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/154008-biici-zsu-znyshchyly-vorozhu-perenosnu-reaktyvnu-puskovu-ustanovku-grad-p-video.html
Title: Бійці ЗСУ знищили ворожу переносну реактивну пускову установку "Град-П" (відео)

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/ukra%d1%97nski-tankisti-pokazali-yak-u-stepu-sxovali-leopard-za-dimovu-zavisu-video
Title: Українські танкісти показали, як у степу сховали Leopard за димову завісу (Відео)

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/08/shho-robiti-yakshho-vzuttya-promokaye-3-byudzhetnix-lajfxaki
Title: Що робити, якщо взуття промокає: 3 бюджетних лайфхаки

Search URL Search Domain Scan URL

URL: https://novosti24.kyiv.ua/kurjozi/18-modnits-yaki-tochno-znayut-de-shukati-klasni-rechi/
Title: 18 модниць, які точно знають, де шукати класні речі

Search URL Search Domain Scan URL

URL: https://dailynews.kyiv.ua/lifestyle/yak-bez-problem-perezhiti-speku-4-diyevih-lajfhaki/
Title: Як без проблем пережити спеку: 4 дієвих лайфхаки

Search URL Search Domain Scan URL

URL: https://news24.in.ua/lifestyle/yak-zrobiti-tak-shhob-kishka-ne-derla-shpaleri-i-mebli-diyevi-sposobi-2.html
Title: Як зробити так, щоб кішка не дерла шпалери і меблі: дієві способи

Search URL Search Domain Scan URL

URL: https://joy-pup.com/ua/holidays-ua/gorihovij-spas/
Title: Горіховий Спас 2023: традиції, прикмети, коли святкувати?

Search URL Search Domain Scan URL

URL: https://novosti24.kyiv.ua/retsepti/omlet-iz-kurkoyu-ta-tomatami-2/
Title: Омлет із куркою та томатами

Search URL Search Domain Scan URL

URL: https://useti.org.ua/retsepti/listkovij-salat-gribna-galyavina/
Title: Листковий салат “грибна галявина”

Search URL Search Domain Scan URL

URL: https://odnaminyta.com/reczepti/261626-gotuu-take-pechyvo-dytyni-do-shkoly-pojyvne-smachne-a-golovne-korysne-recept-duje-prostyi-pid-sylu-kojnomu?utm_source=ukr.net
Title: Легкий рецепт легкого горіхового печива до чаю

Search URL Search Domain Scan URL

URL: https://sensatsiya.com/kulinariya/drugi-stravy/74517-snidanok-dlya-ledachyh-smachnishyi-za-syrnyky-recept-linyvyh-varenykiv-yaki-ne-postupautsya-zvychainym?utm_source=ukr.net
Title: Рецепт приготування лінивих вареників на сніданок

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/154016-likari-rozpovily-v-iakyh-vypadkakh-mozhut-shkodyty-iabluka.html
Title: Лікарі розповіли, в яких випадках можуть шкодити яблука

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpd&utm_campaign=banner_shiny-diski_brendirovanie-toplivo&utm_content=120-77

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aries/today.html
Title: Овен

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/taurus/today.html
Title: Телець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/gemini/today.html
Title: Близнюки

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/cancer/today.html
Title: Рак

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/lion/today.html
Title: Лев

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/virgo/today.html
Title: Дiва

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/libra/today.html
Title: Терези

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/scorpio/today.html
Title: Скорпiон

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/sagittarius/today.html
Title: Стрiлець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/capricorn/today.html
Title: Козоріг

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aquarius/today.html
Title: Водолій

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/pisces/today.html
Title: Риби

Search URL Search Domain Scan URL

URL: http://orakul.com/sonnik/
Title: Сонник

Search URL Search Domain Scan URL

URL: http://orakul.com/imena/
Title: Тлумачення імен

Search URL Search Domain Scan URL

URL: http://orakul.com/taro/
Title: Таро

Search URL Search Domain Scan URL

URL: https://shinadiski.com.ua/
Title: Шини для авто та диски

Search URL Search Domain Scan URL

URL: https://www.zapchast.com.ua/
Title: Автозапчастини

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=link_shiny-diski_ssylka-na-glavnoy&utm_content=text
Title: Авторезина та диски

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/
Title: Купити нове авто

Search URL Search Domain Scan URL

URL: https://autoshini.com/?utm_source=ukr.net
Title: Шини та диски

Search URL Search Domain Scan URL

URL: http://transshina.com.ua/
Title: Автошини та диски

Search URL Search Domain Scan URL

URL: https://ukrguma.com.ua/poroshkove-farbuvannya/
Title: Фарбування дисків

Search URL Search Domain Scan URL

URL: http://kiaparts.com.ua/
Title: Запчаст. Kia, Hyundai

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_liberti-967/
Title: Інфініті ВІДІ Ліберті

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_insite-1120/
Title: CR-V Hybrid в наявності

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Toyota_center_odessa_vidi_palmira-1038/#Id=7316;event=news;_page=news_item;tab=news_tab;ajax=1
Title: Toyota з вигодою до -5%

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_armada-993/
Title: Ніссан ВІДІ Армада

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_avtostrada-961/
Title: Corolla в наявності

Search URL Search Domain Scan URL

URL: https://www.optics-pro.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=optica
Title: Оптика для полювання

Search URL Search Domain Scan URL

URL: https://ukroptica.com.ua/
Title: Тепловізори і оптика

Search URL Search Domain Scan URL

URL: https://www.aks.ua/uk/
Title: Мобільні аксесуари

Search URL Search Domain Scan URL

URL: https://sotnyk.net/ua/teplovizory/
Title: Військові тепловізори

Search URL Search Domain Scan URL

URL: https://helplist.io/
Title: Об'єднання волонтерів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/687761881312683
Title: Свалявський рух опору

Search URL Search Domain Scan URL

URL: https://dovidka.info/
Title: Dovidka.info

Search URL Search Domain Scan URL

URL: https://savelife.in.ua/donate/
Title: Підтримка армії

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/create?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_host&utm_id=ukrnet
Title: Житло біженцям

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/about/support-the-armed-forces
Title: Допомога ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/president.gov.ua
Title: Офіс Президента

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KabminUA
Title: Кабінет Міністрів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mvs.gov.ua
Title: Мін. внутрішніх справ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MNS.GOV.UA
Title: ДСНС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TerritorialDefenseForces
Title: ТерО ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUStratCom
Title: СтратКом ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dsszzi
Title: Держспецзвʼязок

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUkraine
Title: ЗС України

Search URL Search Domain Scan URL

URL: https://sprotyv.mod.gov.ua/
Title: Центр нац. спротиву

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeneralStaff.ua
Title: Ген штаб ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MinistryofDefence.UA
Title: Міністерство оборони

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UA.National.Police
Title: Національна поліція

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DPSUkraine
Title: ДПС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NGUmainpage
Title: Нацгвардія України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StratcomCentreUA
Title: Центр інф. безпеки

Search URL Search Domain Scan URL

URL: https://www.facebook.com/navy.mil.gov.ua
Title: ВМС ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CinCAFU
Title: Головнокомандувач

Search URL Search Domain Scan URL

URL: https://klubnatura.pl/pages/solidarni-z-ukraina
Title: Допомога в Польщі

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/03/11/247770/
Title: Пошук житла

Search URL Search Domain Scan URL

URL: https://www.immobilienscout24.de/lp/hilfe-fuer-die-ukraine.html
Title: Житло в Німеччині

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/
Title: Прихисток для біженців

Search URL Search Domain Scan URL

URL: https://chytomo.com/dlia-kulturnykh-diiachiv-i-osvitian-dopomoha-i-pratsevlashtuvannia-za-kordonom/
Title: Працевлаштування за кордоном

Search URL Search Domain Scan URL

URL: https://zib.com.ua/ua/151001-timchasoviy_zahist_na_kipri_mozhlivosti_dlya_ukrainciv.html
Title: Допомога на Кіпрі

Search URL Search Domain Scan URL

URL: https://www.bamf.de/DE/Themen/AsylFluechtlingsschutz/ResettlementRelocation/InformationenEinreiseUkraine/informationen-einreise-ukraine-node.html
Title: Допомога в Німеччині

Search URL Search Domain Scan URL

URL: https://www.ukrainetakeshelter.com/
Title: Розміщення біженців

Search URL Search Domain Scan URL

URL: https://www.facebook.com/752118234860641/posts/7149925781746489/?d=n
Title: Сайти допомоги

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_guest&utm_id=ukrnet
Title: Безкоштовне житло в Україні

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/culture/puteshestviya/kijiv-vilnyus-shcho-maye-znati-kozhen-ukrajinskiy-bizhenec.html
Title: Допомога у Вільнюсі

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/bizhenci-z-ukrajini-do-latviji-yak-i-de-peretnuti-kordon-otrimati-dopomogu-robotu-ta-de-zhiti-50228296.html
Title: Допомога у Латвії

Search URL Search Domain Scan URL

URL: https://t.me/miUkraune
Title: Міністерство інфраструктури України

Search URL Search Domain Scan URL

URL: https://t.me/uksatse_official
Title: Украерорух

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uspa.gov.ua
Title: Адміністрація морських портів України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DSBT.UA
Title: Державна служба України з безпеки на транспорті (ДСБТ)

Search URL Search Domain Scan URL

URL: https://t.me/UkrzalInfo
Title: Укрзалізниця

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airportboryspil/
Title: Міжнародний аеропорт “Бориспіль”

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lvivinternationalairport/
Title: Міжнародний аеропорт “Львів”

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_5_1.pdf
Title: ФОП 3-ї групи ЄП-5%

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_2_1.pdf
Title: ФОП 3-ї групи ЄП 2%

Search URL Search Domain Scan URL

URL: https://trafmag.com/

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=Nzl8MTM4NzJ8NDUuMTQxLjE1Mi43N3w3MjgxMjI5NXwxNjkzMjg5MjkxfDA3ZjAwMTEwNzhhYjY2NTJhZDMzYzM1YjcwYmU0YmVlfDMzMw==&vid=1527703231253355

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=Nzl8MTM4NzJ8NDUuMTQxLjE1Mi43N3w3MjgxMjI5OHwxNjkzMjg5MjkxfDNiNDQ4ZjRiYzMyMzViMGNhZmVhMTk3ODNjZjk2MDc2fDMzMw==&vid=1527703231253355

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=Nzl8MTM4NzJ8NDUuMTQxLjE1Mi43N3w3MjgxMjI5NnwxNjkzMjg5MjkxfDFlN2ZlYjVlOGM5NmZhOTYxNjlhYTYwODYzMjBkMTU4fDMzMw==&vid=1527703231253355

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=Nzl8MTM4NzJ8NDUuMTQxLjE1Mi43N3w3MjA3NjgwNXwxNjkzMjg5MjkxfDQyN2UzNzBlNDU0YTE5YTYwNmUyNDIzOTU4MTAzYjc2fDMzMw==&vid=1527703231253355

Search URL Search Domain Scan URL

URL: https://mgid.com/

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16927924/i/57452893/0/pp/1/1?h=WP-enhY7ZMZsb2jHg1CPNckBQPOrpRWS1rkzYu3sXpnLrsxN0Q7H0AK8Z1G9ckYItuDnMkXHfyNzLFdA1pqmtg**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16984742/i/57452893/0/pp/2/1?h=WP-enhY7ZMZsb2jHg1CPNTat_F65FG1Spy_o1FT8FoF9lL-eeI120pkPDcjBhIUsDpr17xkFUtyIuM38p9YFWg**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17018910/i/57452893/0/pp/3/1?h=WP-enhY7ZMZsb2jHg1CPNY4LGfQ3REa_QLV62UBNtYZRjO1p6jE1akkZXMWPyPhYUw6bli6yHaZgBdsthEN6zw**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16829240/i/57452893/0/pp/4/1?h=WP-enhY7ZMZsb2jHg1CPNVbBeVDlkCT-3mZg5yWKNt2_uGEoRG6Av-6KnzwVMhLCpbjzpkmOK6iJp_SH1w3rRA**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16067134/i/57452893/0/pp/5/1?h=WP-enhY7ZMZsb2jHg1CPNbJe9bRp7xEGgL33n8d7EcZylhR0SLgMwlcbqyNPSafCkXDpdXmM_VKZyNUBTyCKLw**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16973555/i/57452893/0/pp/6/1?h=WP-enhY7ZMZsb2jHg1CPNXlRV1u3Y33tSUgJ9mOpdMGLV693zVewqktHDUKbkvsFfQEHDicFKU5h6K-nbdKvBg**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17042075/i/57452893/0/pp/7/1?h=WP-enhY7ZMZsb2jHg1CPNY_aN_8sUUECkq3H0kTes3NhWy8gZoZfsfA7DYQXrDR2Kgx7AYrGwWuuOEQBsqHfKw**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15746237/i/57452893/0/pp/8/1?h=WP-enhY7ZMZsb2jHg1CPNbtY8835Hv3dCJa9ZdTWa4vrGPvb1r2QSDpd32QSMahHDHygQ6fmDedWHTQGFwG6uQ**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16857693/i/57452893/0/pp/9/1?h=WP-enhY7ZMZsb2jHg1CPNYiv7Cr6dGYBdL4CC4u3CxoeOBBXhU8LB6jyBSYL-ot8gRs1MAioyCNP4onBNU9EeA**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16653263/i/57452893/0/pp/10/1?h=WP-enhY7ZMZsb2jHg1CPNQmoB5Cirb-D5hYxWMyNbjn68PpX5y5yuGlo2u2gItwZVCQOrfKZLm4rHD6XdOh6hA**&rid=6e76e585-4632-11ee-aa50-e43d1a2a53a0&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*

Search URL Search Domain Scan URL

URL: http://adline.kiev.ua/
Title: Реклама на порталі

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/password_recovery
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/reg
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://zakladki.ukr.net/index.php?action=export
Title: Скачати

Search URL Search Domain Scan URL

URL: http://zakladki.ukr.net/
Title: +ukr.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://mail.ukr.net/widget?lang=uk&theme=default HTTP 303
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Request Chain 82

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=lgrN23xEMFVNblMwaGxnZzBuajJ3QzFYSVBwMUxJMFNrSlIzbGRhUnorWXJScmN3K0hla2dmTnlGZHlSbjVKbDZ0dHRkTVVxZ2QxSU5Md2tsTDFOdDNSMHd6b1k3Y3pwRkRNc1JsakpiRDZpZlA4VnZBQ3lBS3VGcWtXNFg4b2hZRDRyeDdLM0RDaXVDSnM1a0d6ZVZVa2VoSS9LTzNubHV1K29PN1Z5MzdIcnlaUkUrcTJSakxHelFNRytvVTFYS3NSZU5nSkRmSUQ5Tkc5WFM0SFhwaXE4YzNPTFpNb0JZZTY3eTU1T0FwWkJBb3VsQXRaa0dEWnJTL3BQaXZZWnViRi8vcXNyVXhVVjVhOHlFakl1V2NscHNtdz09fA&cppv=2

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO2LTPdiQa3tLolNj75fzgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsQC-NquLlwzhEJQSqISus&google_cver=1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAxOTY2Nzg1MDgwMDE5MzM0NQ%3D%3D

Request Chain 116

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=488bc20d-700d-49dc-b26b-349e5e331e91

Request Chain 118

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ca3fda87168c4f92

Request Chain 146

https://fw.adsafeprotected.com/rfw/st/1450266/71191519/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012305835&ias_pubId=pub-2923577365468476&ias_chanId=1&ias_placementId=20240023183&bidurl=https://www.ukr.net/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hj24pGDzwxR1NCcATS80OA&adContainerId=brand_safety_TIvtZN39H5i79u8Pmd-NkAU&cbFunctionName=goog_wrapCb_TIvtZN39H5i79u8Pmd-NkAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.ukr.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ukr.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bdb054b7-2534-560d-7139-685989bfd1c7,c:mF3WNP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-prxwp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:5,mot:0,app:0,maw:0,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:53,oid:6f7a9e04-4632-11ee-840a-bee1e4b361f5,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_TIvtZN39H5i79u8Pmd-NkAU&cbFunctionName=goog_wrapCb_TIvtZN39H5i79u8Pmd-NkAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

Request Chain 189

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 190

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 215

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5kWlTIvtZOiIG4v67_UPy7632AOon_O5ctrKqtuzEdzZHhABIOefw5kBYJXikIKgB6ABy-H4lwPIAQmpAnoid4ZvEmg-4AIAqAMByANIqgSLAk_Qu3L3eVXF5QZAzWCDKdK7tiyJQrMY1sTFGLZgD_QzPA0y0ht6YxUFf0pqTtOSu3EGpwWgHv6KQ_GtAW8IXqoPnBsXUygbXiA-DGOl8WpStv2j4Pl2qBlgaQBfCFtLkZaOmx2Ca1g3Y6mVs2Kaxyct_RWu4BgR7ry1y9sV29hedaebGRnsqMGNO9qpE5u4zWbX9bMza_rICwwWAc6k6rEW1-yVxmKPZtPSsBHa-6cMB5oc9i2K1lA-LtLAwHzEAc8ejgMNdBKB2PFk3yFoH1EwZtIYeNAIPunXIDnJMPcZEgkmYrFXjjL1BnwpcxuQgOVV7DUrhX-VkXMdQHMNNk_jX0Bi-GeHMY7gpMAEm_-s058E4AQBiAWu1rusQZIFBAgEGAGSBQQIBRgEoAYugAednodoqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ84VG0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJFGh0dHBzOi8vemFyaWR0ZXNpLmN6gAoDyAsB2BMN0BUBmBYBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=5w3BpAanF5Y&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWmZ7qiLlg5t6xjzrxU4DBo2bTg5wZZJy4WAN766kdCTbhTdgTsNwF_SkW5u89mUbvIjFzpeHrGAE&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22498939257094922453%22,%22debug_reporting%22:true,%22destination%22:%22https://zaridtesi.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22855519435%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221612784529938473841%22}&andc=true

Request Chain 221

https://securepubads.g.doubleclick.net/pagead/adview?ai=C9_soTIvtZOqIG4v67_UPy7632AOon_O5cs25mqaCEdzZHhABIOefw5kBYJXikIKgB6ABy-H4lwPIAQmpAnoid4ZvEmg-4AIAqAMByANIqgSOAk_Q1ghbyseQ_uJm1mzFCQ0spA7Q8o3F2fURkdTbAjBUmVgcKaA3A6gNEdG_EzfcMX_3GbnoxtdANsqncidP_28cQRWrDgO-fUeFZeDQ4vwmFKvHjWQk62h_WB31esfGlH3bXF3MtHkOCc5yT63sfl8D4alHQwugNGxByd96EjuNdoxCafow4HWC1YQOXCRYr46q6RTO4BGBksXFuB_mR8SdLfsSrDbnyGpsvkpTumBGSrjKc74FQn_OJGbcMARJl6wBFF-YDx0flXllpA1kWB6lsG_Dzjkr-2tosPdlYwLPoTij9lprQRFmObOHJ5dUyHLzcucpb_1VH-eXpts556uq4oeNWjBw0PktLwzn1sAE44Ct058E4AQBiAWu1rusQZIFBAgEGAGSBQQIBRgEoAYugAednodoqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ7IcO0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJFGh0dHBzOi8vemFyaWR0ZXNpLmN6gAoDyAsB2BMN0BUBmBYBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=5EUPEThreoU&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWmZ7qiLlg5t6xjzrxU4DBo2bTg5wZZJy4WAN766kdCTbhTdgTsNwF_SkW5u89mUbvIjFzpeHrGAE&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212418913345127540339%22,%22debug_reporting%22:true,%22destination%22:%22https://zaridtesi.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22855519435%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222929339779582106113%22}&andc=true

237 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ukr.net/
Redirect Chain

http://ukr.net/
https://ukr.net/
https://www.ukr.net/

164 KB
43 KB

48ms
23ms

Document
text/html

104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a866b1971b0c1324a03d0dab86329ba04a9020b9dbffd3bec147604b7662f58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-cache-status: DYNAMIC
cf-ray: 7fe29e330a762c2d-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 29 Aug 2023 06:08:10 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7fe29e3259c12c2d-FRA
content-type: text/html
date: Tue, 29 Aug 2023 06:08:10 GMT
location: https://www.ukr.net/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 top_links.css
upst.fwdcdn.com/css/1692357341/ 1 KB
761 B 93ms
17ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 931912
etag: W/"64df52f2-48c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
cf-ray: 7fe29e33beb79a39-FRA
expires: Wed, 28 Aug 2024 06:08:10 GMT

GET
H2 200 /
upst.fwdcdn.com/css/ 4 KB
2 KB 102ms
26ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
cf-ray: 7fe29e33bebb9a39-FRA
expires: Wed, 28 Aug 2024 06:08:10 GMT

GET
H2 200 main.css
upst.fwdcdn.com/css/6/portal/ 44 KB
8 KB 97ms
21ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/6/portal/main.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 12:31:02 GMT
server: cloudflare
age: 7061752
etag: "6481ca06-204a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe29e33bebc9a39-FRA
content-length: 8266
expires: Wed, 28 Aug 2024 06:08:10 GMT

GET
H2 200 _desktop.js Show response
www.ukr.net/news/ 20 B
210 B 19ms
18ms Script
application/x-javascript 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/news/_desktop.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Aug 2023 04:33:49 GMT
server: cloudflare
age: 5661
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7fe29e334ab62c2d-FRA
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2023 10:08:10 GMT

GET
H2 200 concat.js Show response
upst.fwdcdn.com/js/4/portal/ 167 KB
52 KB 94ms
18ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 May 2023 14:23:02 GMT
server: cloudflare
age: 7919031
etag: "6474b546-cc89"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe29e33bebe9a39-FRA
content-length: 52361
expires: Wed, 28 Aug 2024 06:08:10 GMT

GET
H2 200 main.js Show response
upst.fwdcdn.com/js/10/portal/ 61 KB
17 KB 98ms
22ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/10/portal/main.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Jun 2023 10:06:02 GMT
server: cloudflare
age: 5256053
etag: "649d578a-42fb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe29e33bebf9a39-FRA
content-length: 17147
expires: Wed, 28 Aug 2024 06:08:10 GMT

GET
H2 200 zakladki_v2.min.js Show response
zakladki.ukr.net/bookmarks/js/ 104 KB
19 KB 59ms
32ms Script
application/javascript 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 10:42:05 GMT
server: cloudflare
age: 522844
etag: W/"5f366a7d-19e00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7fe29e342b892c2d-FRA
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 970x90.png
upst.fwdcdn.com/img/ 3 KB
3 KB 28ms
23ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/970x90.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 578952
etag: "6447ce22-cd3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e342f1f9a39-FRA
content-length: 3283
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 logo_ua1295e8a41bfde5b20926b9964fe0dc51.gif
upst.fwdcdn.com/temp/holidays/12718/ 6 KB
6 KB 24ms
18ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12718/logo_ua1295e8a41bfde5b20926b9964fe0dc51.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159610fca2ef77dd04e533542154e5afecabeffe50633e7f4c194c8d9b7b6829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Aug 2023 05:06:00 GMT
server: cloudflare
age: 3665
etag: "64ed7cb8-18ce"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe29e342f259a39-FRA
content-length: 6350
expires: Tue, 29 Aug 2023 10:08:10 GMT

GET
H2 200 title_img_ua1295e8a41bfde5b20926b9964fe0dc51.gif
upst.fwdcdn.com/temp/holidays/12718/ 1 KB
1 KB 26ms
20ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12718/title_img_ua1295e8a41bfde5b20926b9964fe0dc51.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c982dd07b1bb5e97929531d385fac654706de72c633197db9075b8abc8054e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Aug 2023 05:06:00 GMT
server: cloudflare
age: 3665
etag: "64ed7cb8-41e"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe29e342f279a39-FRA
content-length: 1054
expires: Tue, 29 Aug 2023 10:08:10 GMT

GET
H2 200 fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 4 KB
4 KB 25ms
20ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Oct 2014 14:11:04 GMT
server: cloudflare
age: 340853
etag: "542eae78-1134"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e342f289a39-FRA
content-length: 4404
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 5 KB
5 KB 26ms
21ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Oct 2014 10:17:53 GMT
server: cloudflare
age: 340888
etag: "5437b251-134e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e342f299a39-FRA
content-length: 4942
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 300x250.png
upst.fwdcdn.com/img/ 4 KB
4 KB 22ms
17ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x250.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 578842
etag: "6447ce22-e74"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e342f2b9a39-FRA
content-length: 3700
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 300x145.png
upst.fwdcdn.com/img/ 3 KB
3 KB 20ms
16ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x145.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 503136
etag: "6447ce22-a9f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e342f2c9a39-FRA
content-length: 2719
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 5 KB
5 KB 23ms
19ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 519716
etag: "51b860f4-140f"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e342f2e9a39-FRA
content-length: 5135
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 email-decode.min.js Show response
www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
848 B 9ms
8ms Script
application/javascript 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
etag: W/"64e60500-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fe29e33fb5b2c2d-FRA
expires: Thu, 31 Aug 2023 06:08:10 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 141ms
104ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fe29e346d9c1ca1-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
61 KB 57ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6d1cf2f024da2d5f38b39ffcf102a96bd2ffe0e57823be9ebc575eda29f8870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 61861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 06:08:10 GMT

GET
H2 200 hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/470358/ 920 B
1 KB 63ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/470358/hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 12:00:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 487
etag: W/"64ec8c7b-398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWJPwZ1A9ibyEb3LqEfnetiATjrYtv1rvMYWi9I%2FMzHVoCMkJcLFllpE%2F%2BS%2FGj67qM%2FCXxFnEsk4RempR5fvo%2BKHlHtOfuiwaCC4C6jzbuo0gUFnQbFMEE6Cn5kZKuow9OpO7NmjGA9tqmKEQFIxIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7fe29e347bd518dc-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 06:15:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 147ms
75ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a66f54738a35c5f6b4a40fe2f668f04c9bffa50ca140aff93c7b47c2c495c2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28913
x-xss-protection: 0
server: cafe
etag: 141 / 19598 / 31077384 / config-hash: 14272654897614254602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 06:08:11 GMT

GET
H2 200 wrapper_hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/470358/ 2 KB
1 KB 65ms
19ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/470358/wrapper_hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c582ba709c34c5b608b4779ecbd4b7415b847f040ae474a5bc2c2517aff97131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 12:00:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 487
etag: W/"64ec8c7b-865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwsIghiYquvH8jW%2FFoLXtarMR2Ul12pjFZYaTxHcNTT6aWQsPGizHv%2Fzeoor6FHI1L7QDlTAws6btI20ZFKU9nEBKl3NvuNcgy5pI%2FjRaIQnSqXNVdCamYY3eWJfn%2BgPBkGuIZZov0i0doYJMknnrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7fe29e347bd618dc-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 06:15:03 GMT

GET
H2 200 test Show response
accounts.ukr.net/public/access/ 2 B
271 B 68ms
6ms XHR
text/plain 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/public/access/test?_=1693289290910
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
x-upstream: 4210.10.20.48:5080
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length: 2

GET
H2

200

https://mail.ukr.net/widget?lang=uk&theme=default
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

1 KB
1 KB

13ms
11ms

Document
text/html

212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

frvdc-253.fwdcdn.com

Software

nginx /

Resource Hash

1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://.ukr.net http://.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://.ukr.net; report-uri /csp-blocked
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://www.ukr.net/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Tue, 29 Aug 2023 06:08:10 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-frame-options: ALLOW-FROM https://www.ukr.net/
x-upstream: 4210.10.20.49:5080
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Tue, 29 Aug 2023 06:08:10 GMT
location: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server: nginx

GET
H2 200 5ysrIfrF92 Show response
go.rcvlink.com/ifr/ Frame 9106 15 KB
7 KB 98ms
13ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 29 Aug 2023 06:08:11 GMT
etag: W/"63c6f377-3b12"
expires: Wed, 30 Aug 2023 06:08:11 GMT
last-modified: Tue, 17 Jan 2023 19:13:59 GMT
server: nginx

GET
H2 200 v2 Show response
a4p.adpartner.pro/jsunit/jsonp/ 1 KB
881 B 333ms
267ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery30003395537924244032_1693289290885&_=1693289290886
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: b1331b8583c21d0dd94a74f7607d5a0f08857a047f8fbd2acd0be1f7dabf38f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show_json/ukrnet/ 491 B
709 B 203ms
97ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery30003395537924244032_1693289290887&_=1693289290888

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

442a6f2369910c3da7e7b7dbf514421aab994d2b13e88e3fe76d677e982c5447

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
strict-transport-security: max-age=15768000, max-age=15768000
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
content-type: text/html; charset=utf-8

GET
H2 200 grey-pix.gif
upst.fwdcdn.com/img/ 53 B
133 B 24ms
21ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/grey-pix.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 340940
etag: "51b860f4-35"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e346f569a39-FRA
content-length: 53
expires: Tue, 05 Sep 2023 06:08:10 GMT

GET
H2 200 ukrnet2.js Show response
trafmag.com/ 4 KB
4 KB 98ms
33ms Script
application/json 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/ukrnet2.js?callback=jQuery30003395537924244032_1693289290889&_=1693289290890

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

f47c3ef25a7aa936e3df70ce48e789008a1af3ae09c916f2767efff118299366

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: application/json; charset=utf-8
date: Tue, 29 Aug 2023 06:08:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 1119189 Show response
servicer.mgid.com/ 8 KB
3 KB 103ms
60ms Script
application/json 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119189?callback=jQuery30003395537924244032_1693289290891&_=1693289290892
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0225ad148a6425c6d2ee72866d2a7d340849c8ee78ad8e569f6b24c7f361e318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7fe29e350ff7921a-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 addlink.gif
zakladki.ukr.net/bookmarks/img/ 2 KB
2 KB 25ms
25ms Image
image/gif 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zakladki.ukr.net/bookmarks/img/addlink.gif

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
last-modified: Tue, 20 Aug 2013 02:30:01 GMT
server: cloudflare
age: 522024
etag: "5212d4a9-6dc"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e34dc3f2c2d-FRA
content-length: 1756
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/c5/ 1 B
415 B 101ms
46ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/c5/cnt.php?rand=0.9853115139472459&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 29 Aug 2023 06:08:10 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/portal/ 314 B
704 B 62ms
7ms Script
application/octet-stream 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.5664615909671114&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: c6f9e409f4cc2819795476a140145f1c9aa739a20b4e28b26a88a67f5a144987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 29 Aug 2023 06:08:10 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/lid/329/ 1 B
415 B 101ms
47ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/lid/329/cnt.php?rand=0.17653778198179504&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 29 Aug 2023 06:08:10 GMT

GET
H2 200 hbp_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 463 KB
147 KB 85ms
13ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/470358/hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c722d43155880ad69d2c7d6d7e603b15cecb2f1a7a3a1687cf11fdce7f869b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 31 Aug 2023 06:08:11 GMT
date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 12:00:59 GMT
server: nginx
etag: W/"64ec8c7b-73bec"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hbw_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/OSala/ 164 KB
44 KB 118ms
47ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/OSala/hbw_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/470358/wrapper_hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ceb4320aea044e4f550608b78af04b1a71ec70384af554533ea24a5186f1b074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 31 Aug 2023 06:08:11 GMT
date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 12:00:59 GMT
server: nginx
etag: W/"64ec8c7b-28ee0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
85 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8b285dc042fb3dd1a05bbf719c13619f2e5e1966eca10033a1852c2dfae9f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 06:08:11 GMT

GET
H2 204 /
loadercdn.net/ 0
170 B 219ms
45ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?u=360b17304b62cf05&d=www.ukr.net
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 06:08:11 GMT
server: openresty

GET
H2 200 bundle.css
accounts.ukr.net/widget/login/css/ Frame 0004 11 KB
3 KB 17ms
14ms Stylesheet
text/css 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:00:13 GMT
server: nginx
etag: W/"64df5d4d-2c24"
content-type: text/css
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Tue, 12 Sep 2023 06:08:11 GMT

GET
H2 200 bundle.js Show response
accounts.ukr.net/widget/login/js/ Frame 0004 161 KB
44 KB 18ms
15ms Script
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:00:13 GMT
server: nginx
etag: W/"64df5d4d-28496"
content-type: application/javascript
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Tue, 12 Sep 2023 06:08:11 GMT

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 9106 34 B
227 B 19ms
17ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b66a59e4c23995652b5f0e0101c3b64009c8143d999cc58d7f14154f81d3d37f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 06:08:11 GMT
cache-control: private, max-age=63115200
content-encoding: gzip
content-type: text/javascript;charset=utf-8
server: nginx
expires: Thu, 28 Aug 2025 21:08:11 +0300

GET
H2 200 start.json Show response
www.ukr.net/ajax/ 42 KB
15 KB 28ms
28ms XHR
application/json 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/ajax/start.json

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc7b62cdb853f680c869e374b1d3f8319236bee5bc8ba430de527e1f4af1cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7fe29e35fd5d2c2d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ 404 KB
127 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44532
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 17:45:59 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/portal/ 1 B
415 B 24ms
9ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.5664615909671114&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.5664615909671114&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Tue, 29 Aug 2023 06:08:10 GMT

POST
H2 200 csp-blocked
accounts.ukr.net/ Frame 0004 2 B
99 B 9ms
7ms Other
text/html 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/csp-blocked
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/csp-report

Response headers

x-upstream: 42, 42127.0.0.1:8082
date: Tue, 29 Aug 2023 06:08:11 GMT
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 1693289291319.html Show response
www.ukr.net/view/main/99442158,9725,737,150,2,121,304,144,50,32,12,43,153,3,299,28,54,35,17,61,15,4,9,21,11,17,21,18,3,10,22,4,10,11,2,15,73,13,21,36,7,2,3,16,1,8,13,7,2,1,1,1,12,3,6,4,4,1,4,5,5,15... 0
83 B 17ms
17ms XHR
text/plain 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/view/main/99442158,9725,737,150,2,121,304,144,50,32,12,43,153,3,299,28,54,35,17,61,15,4,9,21,11,17,21,18,3,10,22,4,10,11,2,15,73,13,21,36,7,2,3,16,1,8,13,7,2,1,1,1,12,3,6,4,4,1,4,5,5,15,2,2,7,1,7,4,5,2,11,21,3,8,9,1,2,4,18,2,10,5,10,2,2,22,4,4,2,1,1,4,18/1693289291319.html

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
etag: "51b860f4-0"
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/plain
accept-ranges: bytes
cf-ray: 7fe29e36ce2c2c2d-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 top_links.png
upst.fwdcdn.com/img/1692357341/ 3 KB
3 KB 16ms
15ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1692357341/top_links.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/1692357341/top_links.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 327112
etag: "64df52f2-b6b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3729a99a39-FRA
content-length: 2923
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 395 B
397 B 14ms
13ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 340854
etag: W/"6076e064-18b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7fe29e3729aa9a39-FRA
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 461 B
316 B 16ms
16ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 340615
etag: W/"6076e064-1cd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7fe29e3729ac9a39-FRA
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 dot.svg
upst.fwdcdn.com/img/portal/main/ 650 B
506 B 19ms
19ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 340941
etag: "637656b5-18e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3729ae9a39-FRA
content-length: 398
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 arrow.svg
upst.fwdcdn.com/img/portal/main/ 233 B
265 B 22ms
22ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 340941
etag: "637656b5-bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3729af9a39-FRA
content-length: 188
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 pinformer4.php Show response
pinformer.sinoptik.ua/ Frame E6BC 6 KB
2 KB 429ms
10ms Document
text/html 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: b57672b8a627ac0c901d57d85207612467b1f7a4028fb2e4dd1a9fce4f3fb4cf

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Tue, 29 Aug 2023 06:13:11 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 283ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je38n0&_p=1902011504&_gaz=1&cid=538104153.1693289292&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693289291&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 292ms
20ms Ping
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-75WQ2FHNW7&cid=538104153.1693289292&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 289ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-75WQ2FHNW7&cid=538104153.1693289292&gtm=45je38n0&aip=1&z=1353940483

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 9106 0
490 B 25ms
25ms XHR
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=tp7c7d3ZvG763h0&ver=230117-2113&w=200&h=0&vw=200&ms=489.1&me=0&ref=&
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2023 06:08:11 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/javascript;charset=utf-8
hn: b29
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Tue, 29 Aug 2023 09:08:11 +0300

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/742150/ 2 KB
1 KB 21ms
6ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/742150/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d8ac0fe694d069e764924717f5ed323ebd0759baeb61d29a10ceb8591a8ab950

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

expires: Thu, 31 Aug 2023 06:08:11 GMT
date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Sun, 27 Aug 2023 12:02:29 GMT
server: nginx
etag: W/"64eb3b55-8a3"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 200 z Show response
s.zfctrack.net/ Frame 0975 102 B
450 B 254ms
50ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zfctrack.net/z
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 76682e8cba253d256ac67cfc29c41351a9f6f4cf9a928a0e056e5ba9d1652d8e

Request headers

Content-Type: text/plain;charset=UTF-8
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 147 B
414 B 607ms
85ms XHR
application/json 209.205.197.154
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/OSala/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: a4c8b93bda11324a8af7e2cea5b32a4974c59e72eaa0de66288110f68bdd0d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 147

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 607ms
87ms XHR
image/gif 209.205.197.154
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=742228&site_id=17438&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=vwq3ck.xd&features=81952&vpbv=A168&lifecycle_tte=1218
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/OSala/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 103ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Aug 2023 06:08:11 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
20 KB 395ms
394ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3279634773728220&correlator=4482063362276932&eid=31077255%2C31077365%2C31077384&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C120x600%7C160x600%2C300x145%7C300x175&ifi=1&sfv=1-0-40&fsfs=0%2C1&fsbs=1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693289291866&lmt=1693282091&adxs=130%2C995&adys=89%2C446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=1600x4817%7C300x145&msz=160x-1%7C300x145&fws=512%2C512&ohw=0%2C0&ga_vid=538104153.1693289292&ga_sid=1693289292&ga_hid=1902011504&ga_fc=true&dlt=1693289290750&idt=1027&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=3371586687%2C216364347&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f87e58d4ea5d34b4967e3c7a8c44087af84e9471bf43dbd0e36afd46eaac2cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19959
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F9A 6 KB
3 KB 99ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Wed, 28 Aug 2024 06:08:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 599 acquire Show response
accounts.ukr.net/api/v1/token/verification/ Frame 0004 27 B
121 B 7ms
6ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

x-upstream: 4210.10.20.49:5080
date: Tue, 29 Aug 2023 06:08:11 GMT
server: nginx
content-length: 27
content-type: application/json

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 0004 58 KB
17 KB 10ms
9ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?64280814ffe96cfa63b8
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:00:13 GMT
server: nginx
etag: W/"64df5d4d-e602"
content-type: application/javascript
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Tue, 12 Sep 2023 06:08:11 GMT

GET
H2 200 swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame E6BC 11 KB
3 KB 7ms
6ms Stylesheet
text/css 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:04:12 GMT
server: nginx
etag: W/"5f620d4c-2deb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Thu, 28 Sep 2023 06:08:11 GMT

GET
H2 200 swPortal4.js Show response
pinformer.sinoptik.ua/js/15/ Frame E6BC 115 KB
38 KB 11ms
10ms Script
application/x-javascript 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 14:54:44 GMT
server: nginx
etag: W/"5f622734-1cc1f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000, public
expires: Thu, 28 Sep 2023 06:08:11 GMT

GET
H2 200 t.gif
pinformer.sinoptik.ua/img/ Frame E6BC 43 B
232 B 7ms
7ms Image
image/gif 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/t.gif
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 43
expires: Thu, 28 Sep 2023 06:08:12 GMT

GET
H2 200 2_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6BC 2 KB
2 KB 11ms
11ms Image
image/jpeg 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/2_0.jpg
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 08fc807b6f0761f04903226d1362561623318797ff556534439d94a6810aa979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-6e1"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1761
expires: Thu, 28 Sep 2023 06:08:12 GMT

GET
H2 200 / Show response
www.ukr.net/sinoptik/102925533/ Frame E6BC 0
374 B 18ms
18ms Script
application/x-javascript 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ukr.net/sinoptik/102925533/
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1693289290962
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:11 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 29 Aug 2023 06:08:11 UTC
server: cloudflare
etag: "51b98b6a-0"
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges: bytes
cf-ray: 7fe29e3aa9ad2c2d-FRA
content-length: 0
expires: Tue, 29 Aug 2023 06:08:11 UTC

GET
H2 200 /
go.rcvlink.com/err/ Frame 9106 43 B
146 B 11ms
11ms Image
image/gif 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=230117-2113&ms=786&text=!responseText&ref=
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx / PHP/7.4.33
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

hn: m1
date: Tue, 29 Aug 2023 06:08:11 GMT
cache-control: no-store
server: nginx
x-powered-by: PHP/7.4.33
content-type: image/gif

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A975 15 KB
6 KB 76ms
19ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 295833
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 icon-top.svg
upst.fwdcdn.com/img/portal/main/ 525 B
402 B 14ms
12ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 341013
etag: "637656b5-13e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3adda39a39-FRA
content-length: 318
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 bg-main-static.png
upst.fwdcdn.com/img/ 10 KB
10 KB 21ms
19ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/bg-main-static.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 10:54:06 GMT
server: cloudflare
age: 295501
etag: "5ea80b4e-2962"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3adda89a39-FRA
content-length: 10594
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 favorites.svg
upst.fwdcdn.com/img/portal/main/ 673 B
459 B 19ms
17ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 340854
etag: "637656b5-16d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3adda99a39-FRA
content-length: 365
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 regions-star.svg
upst.fwdcdn.com/img/portal/main/ 830 B
553 B 19ms
18ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 340774
etag: "637656b5-1d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3addaa9a39-FRA
content-length: 470
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 3 KB
3 KB 18ms
17ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 340662
etag: "637656b5-be5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3addae9a39-FRA
content-length: 3045
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 arrow.svg
www.ukr.net/img/portal/main/ 233 B
308 B 26ms
25ms Image
image/svg+xml 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ukr.net/img/portal/main/arrow.svg

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 521740
content-length: 188
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
etag: "637656b5-bc"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3ad9e02c2d-FRA
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 orakul-sprite.gif
upst.fwdcdn.com/img/ 7 KB
7 KB 14ms
13ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:11 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 340815
etag: "51b860f4-1ad2"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe29e3aedba9a39-FRA
content-length: 6866
expires: Tue, 05 Sep 2023 06:08:11 GMT

GET
H2 200 runtime.js Show response
upst.fwdcdn.com/js/ Frame E6BC 408 KB
122 KB 19ms
19ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/runtime.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2017 14:33:26 GMT
server: cloudflare
age: 27559109
etag: "59380eb6-1e6e9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe29e3b3dfe9a39-FRA
content-length: 124649
expires: Wed, 28 Aug 2024 06:08:12 GMT

GET
H2 200 ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6BC 149 B
339 B 8ms
7ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-95"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 149
expires: Thu, 28 Sep 2023 06:08:12 GMT

GET
H2 200 term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6BC 389 B
579 B 9ms
8ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-185"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 389
expires: Thu, 28 Sep 2023 06:08:12 GMT

GET
H2 200 s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6BC 185 B
375 B 9ms
9ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-b9"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 185
expires: Thu, 28 Sep 2023 06:08:12 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A975
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=lgrN23xEMFVNblMwaGxnZzBuajJ3QzFYSVBwMUxJMFNrSlIzbGRhUnorWXJScmN3K0hla2dmTnlGZHlSbjVKbDZ0dHRkTVVxZ2QxSU5Md2tsTDFOdDNSMHd6b1k3Y3pwRkRNc1JsakpiRDZpZlA4VnZBQ3lBS3VGcWtXNF...

438 B
652 B

55ms
16ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lgrN23xEMFVNblMwaGxnZzBuajJ3QzFYSVBwMUxJMFNrSlIzbGRhUnorWXJScmN3K0hla2dmTnlGZHlSbjVKbDZ0dHRkTVVxZ2QxSU5Md2tsTDFOdDNSMHd6b1k3Y3pwRkRNc1JsakpiRDZpZlA4VnZBQ3lBS3VGcWtXNFg4b2hZRDRyeDdLM0RDaXVDSnM1a0d6ZVZVa2VoSS9LTzNubHV1K29PN1Z5MzdIcnlaUkUrcTJSakxHelFNRytvVTFYS3NSZU5nSkRmSUQ5Tkc5WFM0SFhwaXE4YzNPTFpNb0JZZTY3eTU1T0FwWkJBb3VsQXRaa0dEWnJTL3BQaXZZWnViRi8vcXNyVXhVVjVhOHlFakl1V2NscHNtdz09fA&cppv=2

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

657bf98782ddd44de005c5f31a7aac8e9ff97c51695dc0dbe759a106344bc903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1733613
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=lgrN23xEMFVNblMwaGxnZzBuajJ3QzFYSVBwMUxJMFNrSlIzbGRhUnorWXJScmN3K0hla2dmTnlGZHlSbjVKbDZ0dHRkTVVxZ2QxSU5Md2tsTDFOdDNSMHd6b1k3Y3pwRkRNc1JsakpiRDZpZlA4VnZBQ3lBS3VGcWtXNFg4b2hZRDRyeDdLM0RDaXVDSnM1a0d6ZVZVa2VoSS9LTzNubHV1K29PN1Z5MzdIcnlaUkUrcTJSakxHelFNRytvVTFYS3NSZU5nSkRmSUQ5Tkc5WFM0SFhwaXE4YzNPTFpNb0JZZTY3eTU1T0FwWkJBb3VsQXRaa0dEWnJTL3BQaXZZWnViRi8vcXNyVXhVVjVhOHlFakl1V2NscHNtdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 275265
content-length: 0
expires: 0

GET
H2 200 html5objects.js Show response
upst.fwdcdn.com/js/ Frame E6BC 555 KB
136 KB 15ms
15ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/html5objects.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2017 14:33:19 GMT
server: cloudflare
age: 27559108
etag: "59380eaf-21ee1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe29e3beea79a39-FRA
content-length: 138977
expires: Wed, 28 Aug 2024 06:08:12 GMT

GET
DATA 200
OK truncated
/ Frame E6BC 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame E6BC 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd8a30f60bbe41b0bef677711421e212f254da66b1888a58bd99df2e696b448

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 77ms
55ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95dde140a2f8b01df7d7c63388a01b63bc5397a2b89b9b969f5c45b6c8488327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11795
x-xss-protection: 0

POST
H2 204 rum Show response
www.ukr.net/cdn-cgi/ 0
163 B 16ms
15ms XHR
text/plain 104.18.9.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ukr.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fe29e3c9b812c2d-FRA

GET
H2 200 container.html Show response
bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3523 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Wed, 28 Aug 2024 06:08:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBA3 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Wed, 28 Aug 2024 06:08:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 06:08:12 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7093 624 B
826 B 77ms
47ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY7sCI6QEwAQ&v=APEucNXqeCLzt8MNn9kcJUTO26BLMNcagXadE_KBaTn7zlrpPdzdxmPoMI-sezXzwG-86C4ekQPiFAV2uKNDslQVRZjZQq737y5rH0cwgCimAQcBYRbDt3Li_1HnOBgp73AtMtK3ErDv4_gde-DU_K49u_OreogCISQpiFi-cJ0-8PgUqGKLY24

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:12 GMT
expires: Tue, 29 Aug 2023 06:08:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3523 86 KB
29 KB 74ms
59ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 06:08:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3523 42 B
63 B 58ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DuEpMZMYv-mKjkKd1_hLFtZOCZISZmLAS0iOhrEGgOgGEnwTJCxle_xQDc5tWXuUoEMNZkFpOxlbOdvfAIJL8bQxX2KcOqufJMQj2fJ7wuRaxVt4Y

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3523 0
20 B 56ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3372359017751358531&x=1&ct=76

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 3523 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 3523 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:43:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:43:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3523 181 KB
57 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 06:08:12 GMT

GET
H/1.1 200
OK vr Show response
ghb.adtelligent.com/ 48 B
314 B 86ms
86ms XHR
application/json 209.205.197.154
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/vr?bids=18960
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/OSala/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 48

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 272 KB
62 KB 398ms
398ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3279634773728220&correlator=4320525652031163&eid=31077255%2C31077365%2C31077384&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600%2C300x145%7C300x250%7C300x400%2C300x600%7C300x250%7C300x400&ifi=3&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3D75f8ffadb035a2ba%3AT%3D1693289291%3ART%3D1693289291%3AS%3DALNI_May8SaHfOa1Py9y88tYK3hnSqbUWg&gpic=UID%3D00000c69bb41d351%3AT%3D1693289291%3ART%3D1693289291%3AS%3DALNI_MbqMXmrSKGxkWFWcYwtNYDt6slQeQ&abxe=1&dt=1693289292396&lmt=1693282092&adxs=995%2C995%2C995&adys=196%2C1148%2C2129&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=300x250%7C300x250%7C300x0&msz=300x107%7C300x145%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&ga_vid=538104153.1693289292&ga_sid=1693289292&ga_hid=1902011504&ga_fc=true&dlt=1693289290750&idt=1027&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=2774844501%2C3317177319%2C3449700283&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ac219692655d2974b5ed91235af5e9542f8158ad76892538d4cc7ce683cb649

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COjenJaagYEDFQv9uwgdS98NOw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11723638967565356269/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COrenJaagYEDFQv9uwgdS98NOw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11723638967565356269/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COjenJaagYEDFQv9uwgdS98NOw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11723638967565356269/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COrenJaagYEDFQv9uwgdS98NOw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11723638967565356269/index.html
date: Tue, 29 Aug 2023 06:08:12 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63048
x-xss-protection: 0
google-lineitem-id: -1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3770 127 KB
44 KB 97ms
52ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO2LSwAOEjwH_ZJLAASdfuJ3C9y9Rki5TDrloQ&u=%7C%2FBE37nCRpAZ%2Bo4m0II0pPr09ncRI2TyPwWfWLRRl%2BvM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866vrqzw9yBhgOO8Sxjg1P7jAQg8WY_JQZB8NAG9SvYDbLIiHz6rN5PkewXMHwVWPQqh8GwWZsxLX1bsUsc6HtVV0Z5SSkBpW84Y5K1INcuRtITffM-9RZXyiWLi8byx1j1sHfYVbfNcKuh4paFMN7JO46Hyb_Ga7yY_1uz9aV-EN6ulFHJlUTTD3QQ1G3PsTly8V0XmLbEdmLTzYg9ZMMHp_KivfWGhw7PpnyqJo7W_7N27fpC--n_G6k66OUF38Gaqc6qP8yJR8y_F8IzRdbxyTL2WAE0ZDEtMH4KDMNHMNqf3oGucOMLmNvGg9ck6V0JFpijGTzRnhvuaC5c95EKzGSGcY3OSZknv22n2o1YkfwGUt5HPo0Re8vChlu-JH8UWK1a6yv5DchTVyOxKNZG2BJu00jbrx8RifR-kyiTsMSlKIyy7RneWKXV5gYYnGTQIkL8WiusQrI-B-U3Un2PBNjk3DTDywzfS9pJWJkMmApHvukJAuAhmPG8wX2YpfJxhCcTkzqM0dmlN_FWYz2kAsiwWH7g-KIpZE61g6tDyKhXdMV_KRzJea-WlMZRHb9aO-ToNFKABSQHmNoys3olE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF4usS4vtZLykOMuk9u8P_rqS8ATJntKxXNX24taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDA1ODEzNDExODc5MDA2yAEJqQIaTNtWBC2yPuACAKgDAcgDAqoE-wFP0I_X71bx5TbTHBuLQMGubVLgr0Yg_3Qo0eDLRN8jdS0ZCBbZN_sNtY456SObI3iCPJ0uf2LxnmQNxG-gAebL7MX2BRGKMj0_8zrD1wt4r7k1ez9q2wO15IapBh-l9GVG6WH3mzKqmj8G2t_O4oGE5sqNN3CFplWMzVaPGda0JiyZO3oXKHi1IbgjlmLJLj07cSbDxopsddFh93p3aIAIVdbsORij0BjqDFbSK6hAztqso-tSaGFB6_l_G2so5DtPsz1d8No_lek9S_pHxfQAE0VruPLq3FnHHKjgmVNsp3sWnnQ-deSS8kYE54uCdKKjS5JEyS8VpMEVO-AEAYAG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LGhRQJghIc9Ut3OVcqMRrQm78CQ%26client%3Dca-pub-7005813411879006%26adurl%3D

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

acb233d99ec46d33ce5e31af71997424691326520f037106b0a4dd66f37aeb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dHKn4SfKRi1Yw7CY3_7w0204mEhuriUnrWW-CYR0jcez3W4lL2Yu_GIONRf_m7Fasb6E26mdyTGnfWKD_2Li5MxJQzK40H2E_yRg1O95HSDVaLNw3tX-JmH7MiUF7hPyaPFf-c0DGrQXeuGJEkElREQHF8TsQbq8nuDqTZsGn8BtzHyTs6qPvMVHamCle6SmPGjn_RyUNdtGOtxsxjVgrnmgbGpP50q69RLz--XbSvp33HHrIw9xvfLCBMdXmLQiq_pfVw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 35682755
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame CBA3 3 KB
1 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame CBA3 20 KB
8 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:43:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:43:55 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CBA3 24 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 03:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 26 Aug 2024 03:38:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBA3 181 KB
57 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 06:08:12 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 1 KB
707 B 89ms
87ms XHR
application/json 209.205.197.154
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=463288&aid2=812819
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/OSala/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: cf0b12f569969a564ec0a6bd146e88eaffd8fb10fbbfb461f4fc2754b346782e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:11 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 401

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7093
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1

43 B
766 B

14ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY7sCI6QEwAQ&v=APEucNXqeCLzt8MNn9kcJUTO26BLMNcagXadE_KBaTn7zlrpPdzdxmPoMI-sezXzwG-86C4ekQPiFAV2uKNDslQVRZjZQq737y5rH0cwgCimAQcBYRbDt3Li_1HnOBgp73AtMtK3ErDv4_gde-DU_K49u_OreogCISQpiFi-cJ0-8PgUqGKLY24
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 06:08:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7093
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO2LTPdiQa3tLolNj75fzgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY7sCI6QEwAQ&v=APEucNXqeCLzt8MNn9kcJUTO26BLMNcagXadE_KBaTn7zlrpPdzdxmPoMI-sezXzwG-86C4ekQPiFAV2uKNDslQVRZjZQq737y5rH0cwgCimAQcBYRbDt3Li_1HnOBgp73AtMtK3ErDv4_gde-DU_K49u_OreogCISQpiFi-cJ0-8PgUqGKLY24
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 06:08:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMBddlqgpFp3X-M_2baV77g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7093
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsQC-NquLlwzhEJQSqISus&google_cver=1

43 B
840 B

20ms
20ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEsQC-NquLlwzhEJQSqISus&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY7sCI6QEwAQ&v=APEucNXqeCLzt8MNn9kcJUTO26BLMNcagXadE_KBaTn7zlrpPdzdxmPoMI-sezXzwG-86C4ekQPiFAV2uKNDslQVRZjZQq737y5rH0cwgCimAQcBYRbDt3Li_1HnOBgp73AtMtK3ErDv4_gde-DU_K49u_OreogCISQpiFi-cJ0-8PgUqGKLY24

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
an-x-request-uuid: 105d8836-825c-478c-ada4-535a02613983
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEsQC-NquLlwzhEJQSqISus&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7093
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAxOTY2Nzg1MDgwMDE5MzM0NQ%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAxOTY2Nzg1MDgwMDE5MzM0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
an-x-request-uuid: ba042977-1c15-47ae-90ec-2be24267298b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAxOTY2Nzg1MDgwMDE5MzM0NQ%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE7E 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 21:17:54 GMT
expires: Tue, 27 Aug 2024 21:17:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 160B 829 B
1 KB 49ms
16ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a2fd80b28a2af0016d70a68b8e523bc3c4736b4f5b9370e45d266bc1c06a6e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--teBHu9yfJ64Vc9EhgM3sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce--teBHu9yfJ64Vc9EhgM3sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:12 GMT
expires: Tue, 29 Aug 2023 06:08:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3523 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7253721891003&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3523 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7253721891003&version=m202307240101&ct=76&x=1&cor=3372359017751358500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3523 111 KB
41 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CudtEI6qcgtVpzJCVgOIdVfndP3OW48_g09v_RAZ_vk3EH2wpY3Fu1-E2ALhemkoZScLHLHUdoX0ymm454_50VnhcdYLuFmcpBalOfew1eWSUoA4vamGskMYXEaNEQAL1xAH4HWuSYtbMuw74HiQdAX_EF-ZCg1GGa_cMFvKJaXow1Sdg&dbm_d=AKAmf-BIDMhdkVfALmKmRLERCFse3NG0NjDCu_GGMeIwC2cpgddrVpaJiB5UEtz59F4DDUE9zlMTiBVHpaKUdg64O4T1K7u0sKZtjTE-vSAMAIT5xe41igeH_B6S2Y_FMrbB-XjKxESqy6xh-PKKQf2lHyAhIg3TZMg7_pbfEY4F1qnBnRyvGFN2GfuaQDFU0zCjkboU7-h10Q4nyLDZbTYfO0yyiRwNbNtpALK-YHZ5hhjSgYrHKkmq2c_Um8cmBhk5enXicQITToClXuYXhLOC66kbcpQK0FDjGmeXldSfjO_mx0CK-WppSXb814e4BqLw05LlQqdbBBfC7lrsBDauZhmt_S1JCRyoWFJdumMPVIoy7mZm-MnfQ6UQSHN9M6gY_GSezL-NwugUvPsWSbmUi3lNjCv1NztS04Wl5nLb0NEjEJwK01hW9LhOMgn80nUbsnpQqq6_Ffk11Zqly7AnRWnyazfQXYtyJgxcUcU-Nz914qF5gT-LmQQ4wONhZWhFPt92ZNHg67eSdoSfCB9DtWRIDsH1qYSZGkpq6Ti29j4DhTlBSPElFWMYAy-Tt8c2xfszvp68Fa7tF5QBg8MBDjqelWTgmFuyneJFDpT2C8HhPe601dw5tbz8bwlr3MSErbnrH_fYgHLYDV4yHRaEl4iVtznNyVVqgyT0vNgLMT2KWJ5BD6VN_2b3OVtF66fvnbX5IgANnTtI2lgBujjTJLDFiHfwpf-PQFAn8UmsNNpvefdA3D9loaRyYUOC-oNpsKVKXiHxW8chc4pU6h8EgDS5uTggc1JeBw-pQ_XEmqMEcKUopaS0RF1PKg0UrXKXrOIzcYhMQqFTWZZq3Wr4aa-XpVrzQxY9JLv4SSQS0IB8vyqDwTQ3PGYZ7sybM6NmGF7GBwT-kcWwRWkxMkCaG6e4ZmJRBuJBbWeGo6WLr6WxK4FwjVFX6m29hKOhb3Ynk5BkxhgQk23soJeroNsTpH9K0V1D6ijkw983dQNZfU2MWrVU2ejb1UoYm2S-M_DhrGAuXRE2BghzHzm9Xc9nywBKBqQG8-Vu255aCSO8qBUOrFHahZtq1da0_4ThJ8xCgKBUipQ2wz2xDOlc2lxfLxCadS5Cull3cVXXXMdfWfDYd2XswxcjzhfAYkc2Nya2acRyVsSjPhGCAEOttH3TRUKABvGMiVnc8aHbY3dAUdRX7-uW5JJ8Wb2U705GTqfgJg8VJjBZcZE-pwtWUB170Iq9BhPHhRLSUuOW94gy3eMpFr3KUMN5GF-DU6SgZ3n6eTlxo9P-VJ5w54JUYsVrJ5tG9U-gP6D8DKxq6w9OuYUqEbwDZogl6g-QUEv_z_3YBVdo8q0wDCk2lEL_T1u3QC9g1QAncKZisWryAAf9gSPW8DW15AL03X7TDr3SFBV7o3M_mw2M4WyGu9lCvo0I9EgWDQZV_F2Ll14hCKQASk6mFmN5hre5Zd0W_kYeX-MnpvMEpbC9P-7uxlom2uguXPCjD5YlmlXGLip8sCxeCGmusz0NuEFBy3JtlYjfbQlh8LiAke9slro6WOGc1wZPiwn4HGMre293KiX2bwmgrqSOpN-TDX6tK_hqBAcgMI2ooCZEBNAc_JVIdN8PnUlXIt_CVM2xtsJJsfN91cVz8JzMXOJ6qsp49qOAqquZB8kXmCbz7NJdIjvWFX6DNXE6fEr1JWEguAl4b_EKt9GncGbi6KRud7xCwgo2Rgs4Tmuylki3rISBf403vId0qPsZH-x0yeliFREyu7tg66Edwle0vtFUy6btlVJAFkOAF_f-TLoSHuFjUU4qO9WKALJMlD1uWs0cSB069EzdJu8xUDWKEbUO3EhHfa5SUozwtEODKBLIDpL5XUbH8nrpPtgOnaTVqh2rWVGw-hxuMHZ2RmmndkLb9NMot0a0EYlZYW0Uvh8qT9stKQBFg2YSJVlSOPOV3geQt0nFtfivamM5TxqrIAb1rIATtBbNzdJeo74zYD5TAIhFMAo_nnPmGOPfFMu2zE7F-6sCBPiXNjRcrh53MwHTFQ4fqXbjSS-aBzLYm4KdulIpXVWHyqs5HW63uHMr_XRlANABpff9CPwfWS6C6H2g3qVGKmcmaGhajT41dlb62LdxgJWGjNGXkuNwFrGE_u1XzAKL7gqbnnls4IATp-UVe2sZxNcF_YH4lbnkUKCM2UBTvh87ovBzvKtIRiGACyIlUp9El53HUyvozE9_AdBTnrqv3vCvadRKC_Z0i8Q9JE6i-vZH-mad98HMymKcb0F-BMv_My8AdBSnLTFQGzh-FLBzNsVIxX-qqwq1GjhOmOkr8DLdKB1HnMKUmjtQx_jqb16UvDBFt1w24wVP7hsqIFlOYOpptwIURUQJL8L-jE_MZ7o_Jv1LKorSbJkkKj7geuY-Ioj4r-MXwQ1lTbxDTRPF-qqQC7UAeMvMH-_FvIhQYXGAyPD41ORkSoJDfrqG9yTci79kg3dntDH6QyoKpPngYsOdUkrQIvcvJfeeFHG9Ff7y7gPCK4sdOmWaUT0xcBauWXU57P5Gs5whM27Ztxk6QoV_ol3VtXCLL5n9EJ0Itu_Lp4JWE6Ey0fsIfbxwHujOcPXNz6emlG_vNTJ7e23WRxiCN-0RIdbsYy5TvK9gNtv-Xb7U_MFKLx52bmiY6dDPZgR5Yvuw8sJHdcM6UUG4y3Mf-kSLz8fbqU6XvubL08E3AbZX93PirYLq0P_qZvTnzePfTIgFQsSEvddxI6cXEK1DO4X8_eWdCVXN7xK1mpbt9dJtTElc7Hn80TyCkk2vmfA4a_4_czYp8nVyKnwoYII9Gw4z3UVSSxbvcYbpqi1OwFvjp-IrO0LjHPPMiJTpYFHYM9n9x2oYr6EKt3CUTE_Cak12PKr0xn8-NA_3n8mhk0K6m40o8nNHgUrCwbEGUJVTvFY_J1AVCeZaCnPY0sr_y6suq2_YraGzeuXwAnm-6zHb5LyjJkAddGTcNtVr2wNSQpwJC62JjpmlXuFg2arN5iAkmeiDQlextdiLhABxwFMQurx7ozeQRKCMLj4dc-wCEi1BTWkGeF8BA4ruIVjgEeye0JszOp9EhcQsUbAEXTXZsYC9k0DDYxaoMU4y-C-ULqQ5_Hvvj5NC4E1jBZ-DH1SQCPCvYpkL2pV8N5jIvLxOd6CSIQDTw_JIhhZtPTW6ZQlFSnZ2-upeJocbwOW75wDmXxbMg5AZyA0mj9r_67e0rBXKJDzlbGGN_HO1htVJtiOsjkYx2xr4sHlQ_VFkP0_tJLU5bpyF27QEEBy1zNp_chwCfiSeOu5I-poQEiJAg44WxlZnIQRVsSM4qrb7iqOjU7FgSwpecncU35l6jeEW9oVzGCC3YFNphrzntd5TGQesXab08h9lHw1rd4LVDu20ulNX1Ioet3TfF2fpJJvMFU2_M9rEPyyOwHEz78HPtwoj9396pYh-7CwSY6RYD8ZNVxZfxdrg3AydXgran6AVUXOVXgry5WX73yw-zw3s4DWgMevlhkuyqZTc3kJyfWaYqWDv_aVVirspQNoeIPxWBdzPezBMOP7jDiG0miJSRteNcvpBGy7oSnz8fl5h2867t15OynpsHf3eryWfXCcfqHc9usREpW9z-7nMg0Ykup2NrcwFVeFDfrdnaOhaBG5qzF4R3_dW2ziocJix0Lu4hlJtp0H1zS8dJGtpBM6xdIJBafmJnLndS92DwddVSQVNIL8vqFK8CqqMBA3ikmdFTjMA0-BgNwQgu2ozKrPMSCCCfD-N1OKXXAOWtW_uRg5hGRU5hmKUaj437Ko3uJ0jwgKQ1tq6xLR3PA_mV98xXvpkS07lcTYLiGBWglK0yIdCOMF-1uYLL6CJFSDqT2voa9p1s2g5fyI_rqQvjIpZXJQE1dl0-KVDJ1MD5BHJiZ_gMyIFQ0Bat7xx8fO2fQ5hHXcQW3NU0M3MHmqt1iNR7BbkqOhw-79VI4uj1e5hc_aS0uI8JLdmrlLKx4S9DI41dVgU-6_Kric5LQ&cid=CAQSSwBpAlJW8OHePluUtOAsmxDP_Tkm2kHnV7EOC5uIbvaq0SlJhZTrRPJwN_OzrHp1QW-WNX56QNT6ITyZZI0prG40jPxMn6k_LA5vLRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=3372359017751358500&adk=2857193498&idt=82&cac=0&dtd=41

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbefb2421db07ea13d26ff340513e20cd86660ed6ae4cde14fa2f4df52e33965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41443
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CBA3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b50152103713a9aa9e8c9ceaaecf49731736343fec4247a7439459b89fdf3aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=488bc20d-700d-49dc-b26b-349e5e331e91

43 B
473 B

133ms
90ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=488bc20d-700d-49dc-b26b-349e5e331e91
Protocol: HTTP/1.1
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 06:08:12 GMT
Server: Adtelligent
Etag: ca3fda87168c4f92
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=488bc20d-700d-49dc-b26b-349e5e331e91
date: Tue, 29 Aug 2023 06:08:12 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 74ms
14ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 29 Aug 2023 06:08:12 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ca3fda87168c4f92

35 B
349 B

79ms
22ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ca3fda87168c4f92
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 29 Aug 2023 06:08:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ca3fda87168c4f92
Date: Tue, 29 Aug 2023 06:08:11 GMT
Server: Adtelligent
Etag: ca3fda87168c4f92
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 351ms
99ms Image
text/html 44.193.144.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.144.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-144-116.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3770 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO2LSwAOEjwH_ZJLAASdfuJ3C9y9Rki5TDrloQ&u=%7C%2FBE37nCRpAZ%2Bo4m0II0pPr09ncRI2TyPwWfWLRRl%2BvM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866vrqzw9yBhgOO8Sxjg1P7jAQg8WY_JQZB8NAG9SvYDbLIiHz6rN5PkewXMHwVWPQqh8GwWZsxLX1bsUsc6HtVV0Z5SSkBpW84Y5K1INcuRtITffM-9RZXyiWLi8byx1j1sHfYVbfNcKuh4paFMN7JO46Hyb_Ga7yY_1uz9aV-EN6ulFHJlUTTD3QQ1G3PsTly8V0XmLbEdmLTzYg9ZMMHp_KivfWGhw7PpnyqJo7W_7N27fpC--n_G6k66OUF38Gaqc6qP8yJR8y_F8IzRdbxyTL2WAE0ZDEtMH4KDMNHMNqf3oGucOMLmNvGg9ck6V0JFpijGTzRnhvuaC5c95EKzGSGcY3OSZknv22n2o1YkfwGUt5HPo0Re8vChlu-JH8UWK1a6yv5DchTVyOxKNZG2BJu00jbrx8RifR-kyiTsMSlKIyy7RneWKXV5gYYnGTQIkL8WiusQrI-B-U3Un2PBNjk3DTDywzfS9pJWJkMmApHvukJAuAhmPG8wX2YpfJxhCcTkzqM0dmlN_FWYz2kAsiwWH7g-KIpZE61g6tDyKhXdMV_KRzJea-WlMZRHb9aO-ToNFKABSQHmNoys3olE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF4usS4vtZLykOMuk9u8P_rqS8ATJntKxXNX24taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDA1ODEzNDExODc5MDA2yAEJqQIaTNtWBC2yPuACAKgDAcgDAqoE-wFP0I_X71bx5TbTHBuLQMGubVLgr0Yg_3Qo0eDLRN8jdS0ZCBbZN_sNtY456SObI3iCPJ0uf2LxnmQNxG-gAebL7MX2BRGKMj0_8zrD1wt4r7k1ez9q2wO15IapBh-l9GVG6WH3mzKqmj8G2t_O4oGE5sqNN3CFplWMzVaPGda0JiyZO3oXKHi1IbgjlmLJLj07cSbDxopsddFh93p3aIAIVdbsORij0BjqDFbSK6hAztqso-tSaGFB6_l_G2so5DtPsz1d8No_lek9S_pHxfQAE0VruPLq3FnHHKjgmVNsp3sWnnQ-deSS8kYE54uCdKKjS5JEyS8VpMEVO-AEAYAG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LGhRQJghIc9Ut3OVcqMRrQm78CQ%26client%3Dca-pub-7005813411879006%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 06:08:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3770 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 06:08:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3770 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 23 Aug 2024 06:08:12 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3770 293 B
621 B 18ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 23 Aug 2024 06:08:12 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 3770 43 B
348 B 86ms
16ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=mTHLGTsGDt_eLj_r0U0_87yVybY5aZhW2lp7wqAHobdw9uvs6vpVv8JQZXXpt5TbDZ_nxmHfbPvSethSmcgCno1AJgycmMe_w0wwb2vE-Le6zmmhX4_sN8anUwcGDBuEZMXQwKQTZGzcLEzCYc3dsaT3oDF-SjuSmsEKpdK_vBg_9xND-ViRV0c-s3BHNU46XoHl_wwZiJ64wFlNbcqv6JahUqCyD29AL_Ge_OoiPaAx7HFVT03ppIE-v8_EQv60sRePR-dHIrrP1VDsIZ3hMr1PCiqdsNfLrw35LEDMe6frVQpSD8C_ugkGvNHtUyao0TU9NXSPHGelpvWL-_lnr6TM6CNDLNDi9_uN1JG4KVWXuQHnXl7HIOMqtMlk7yZExbBuDn9GzCVeID9YEhOlcA9Wh3f1TPubimwEbyQ7LfVbcUGIiQJDy6JfBl3oaZzEGxuosrXwpDUnj38IuT-aqSgo4Og

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2332830
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3770 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 06:08:12 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1450266/71191519/ Frame 3523 250 KB
75 KB 139ms
33ms Script
application/javascript 99.80.174.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1450266/71191519/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012305835&ias_pubId=pub-2923577365468476&ias_chanId=1&ias_placementId=20240023183&bidurl=https://www.ukr.net/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hj24pGDzwxR1NCcATS80OA
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.174.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-174-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d3829e4c88f1f13c181a821691f25f174deb57c21fb120adefe3f971c76c4f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3523 111 KB
39 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Origin: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 10:55:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/ Frame 3523 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CudtEI6qcgtVpzJCVgOIdVfndP3OW48_g09v_RAZ_vk3EH2wpY3Fu1-E2ALhemkoZScLHLHUdoX0ymm454_50VnhcdYLuFmcpBalOfew1eWSUoA4vamGskMYXEaNEQAL1xAH4HWuSYtbMuw74HiQdAX_EF-ZCg1GGa_cMFvKJaXow1Sdg&dbm_d=AKAmf-BIDMhdkVfALmKmRLERCFse3NG0NjDCu_GGMeIwC2cpgddrVpaJiB5UEtz59F4DDUE9zlMTiBVHpaKUdg64O4T1K7u0sKZtjTE-vSAMAIT5xe41igeH_B6S2Y_FMrbB-XjKxESqy6xh-PKKQf2lHyAhIg3TZMg7_pbfEY4F1qnBnRyvGFN2GfuaQDFU0zCjkboU7-h10Q4nyLDZbTYfO0yyiRwNbNtpALK-YHZ5hhjSgYrHKkmq2c_Um8cmBhk5enXicQITToClXuYXhLOC66kbcpQK0FDjGmeXldSfjO_mx0CK-WppSXb814e4BqLw05LlQqdbBBfC7lrsBDauZhmt_S1JCRyoWFJdumMPVIoy7mZm-MnfQ6UQSHN9M6gY_GSezL-NwugUvPsWSbmUi3lNjCv1NztS04Wl5nLb0NEjEJwK01hW9LhOMgn80nUbsnpQqq6_Ffk11Zqly7AnRWnyazfQXYtyJgxcUcU-Nz914qF5gT-LmQQ4wONhZWhFPt92ZNHg67eSdoSfCB9DtWRIDsH1qYSZGkpq6Ti29j4DhTlBSPElFWMYAy-Tt8c2xfszvp68Fa7tF5QBg8MBDjqelWTgmFuyneJFDpT2C8HhPe601dw5tbz8bwlr3MSErbnrH_fYgHLYDV4yHRaEl4iVtznNyVVqgyT0vNgLMT2KWJ5BD6VN_2b3OVtF66fvnbX5IgANnTtI2lgBujjTJLDFiHfwpf-PQFAn8UmsNNpvefdA3D9loaRyYUOC-oNpsKVKXiHxW8chc4pU6h8EgDS5uTggc1JeBw-pQ_XEmqMEcKUopaS0RF1PKg0UrXKXrOIzcYhMQqFTWZZq3Wr4aa-XpVrzQxY9JLv4SSQS0IB8vyqDwTQ3PGYZ7sybM6NmGF7GBwT-kcWwRWkxMkCaG6e4ZmJRBuJBbWeGo6WLr6WxK4FwjVFX6m29hKOhb3Ynk5BkxhgQk23soJeroNsTpH9K0V1D6ijkw983dQNZfU2MWrVU2ejb1UoYm2S-M_DhrGAuXRE2BghzHzm9Xc9nywBKBqQG8-Vu255aCSO8qBUOrFHahZtq1da0_4ThJ8xCgKBUipQ2wz2xDOlc2lxfLxCadS5Cull3cVXXXMdfWfDYd2XswxcjzhfAYkc2Nya2acRyVsSjPhGCAEOttH3TRUKABvGMiVnc8aHbY3dAUdRX7-uW5JJ8Wb2U705GTqfgJg8VJjBZcZE-pwtWUB170Iq9BhPHhRLSUuOW94gy3eMpFr3KUMN5GF-DU6SgZ3n6eTlxo9P-VJ5w54JUYsVrJ5tG9U-gP6D8DKxq6w9OuYUqEbwDZogl6g-QUEv_z_3YBVdo8q0wDCk2lEL_T1u3QC9g1QAncKZisWryAAf9gSPW8DW15AL03X7TDr3SFBV7o3M_mw2M4WyGu9lCvo0I9EgWDQZV_F2Ll14hCKQASk6mFmN5hre5Zd0W_kYeX-MnpvMEpbC9P-7uxlom2uguXPCjD5YlmlXGLip8sCxeCGmusz0NuEFBy3JtlYjfbQlh8LiAke9slro6WOGc1wZPiwn4HGMre293KiX2bwmgrqSOpN-TDX6tK_hqBAcgMI2ooCZEBNAc_JVIdN8PnUlXIt_CVM2xtsJJsfN91cVz8JzMXOJ6qsp49qOAqquZB8kXmCbz7NJdIjvWFX6DNXE6fEr1JWEguAl4b_EKt9GncGbi6KRud7xCwgo2Rgs4Tmuylki3rISBf403vId0qPsZH-x0yeliFREyu7tg66Edwle0vtFUy6btlVJAFkOAF_f-TLoSHuFjUU4qO9WKALJMlD1uWs0cSB069EzdJu8xUDWKEbUO3EhHfa5SUozwtEODKBLIDpL5XUbH8nrpPtgOnaTVqh2rWVGw-hxuMHZ2RmmndkLb9NMot0a0EYlZYW0Uvh8qT9stKQBFg2YSJVlSOPOV3geQt0nFtfivamM5TxqrIAb1rIATtBbNzdJeo74zYD5TAIhFMAo_nnPmGOPfFMu2zE7F-6sCBPiXNjRcrh53MwHTFQ4fqXbjSS-aBzLYm4KdulIpXVWHyqs5HW63uHMr_XRlANABpff9CPwfWS6C6H2g3qVGKmcmaGhajT41dlb62LdxgJWGjNGXkuNwFrGE_u1XzAKL7gqbnnls4IATp-UVe2sZxNcF_YH4lbnkUKCM2UBTvh87ovBzvKtIRiGACyIlUp9El53HUyvozE9_AdBTnrqv3vCvadRKC_Z0i8Q9JE6i-vZH-mad98HMymKcb0F-BMv_My8AdBSnLTFQGzh-FLBzNsVIxX-qqwq1GjhOmOkr8DLdKB1HnMKUmjtQx_jqb16UvDBFt1w24wVP7hsqIFlOYOpptwIURUQJL8L-jE_MZ7o_Jv1LKorSbJkkKj7geuY-Ioj4r-MXwQ1lTbxDTRPF-qqQC7UAeMvMH-_FvIhQYXGAyPD41ORkSoJDfrqG9yTci79kg3dntDH6QyoKpPngYsOdUkrQIvcvJfeeFHG9Ff7y7gPCK4sdOmWaUT0xcBauWXU57P5Gs5whM27Ztxk6QoV_ol3VtXCLL5n9EJ0Itu_Lp4JWE6Ey0fsIfbxwHujOcPXNz6emlG_vNTJ7e23WRxiCN-0RIdbsYy5TvK9gNtv-Xb7U_MFKLx52bmiY6dDPZgR5Yvuw8sJHdcM6UUG4y3Mf-kSLz8fbqU6XvubL08E3AbZX93PirYLq0P_qZvTnzePfTIgFQsSEvddxI6cXEK1DO4X8_eWdCVXN7xK1mpbt9dJtTElc7Hn80TyCkk2vmfA4a_4_czYp8nVyKnwoYII9Gw4z3UVSSxbvcYbpqi1OwFvjp-IrO0LjHPPMiJTpYFHYM9n9x2oYr6EKt3CUTE_Cak12PKr0xn8-NA_3n8mhk0K6m40o8nNHgUrCwbEGUJVTvFY_J1AVCeZaCnPY0sr_y6suq2_YraGzeuXwAnm-6zHb5LyjJkAddGTcNtVr2wNSQpwJC62JjpmlXuFg2arN5iAkmeiDQlextdiLhABxwFMQurx7ozeQRKCMLj4dc-wCEi1BTWkGeF8BA4ruIVjgEeye0JszOp9EhcQsUbAEXTXZsYC9k0DDYxaoMU4y-C-ULqQ5_Hvvj5NC4E1jBZ-DH1SQCPCvYpkL2pV8N5jIvLxOd6CSIQDTw_JIhhZtPTW6ZQlFSnZ2-upeJocbwOW75wDmXxbMg5AZyA0mj9r_67e0rBXKJDzlbGGN_HO1htVJtiOsjkYx2xr4sHlQ_VFkP0_tJLU5bpyF27QEEBy1zNp_chwCfiSeOu5I-poQEiJAg44WxlZnIQRVsSM4qrb7iqOjU7FgSwpecncU35l6jeEW9oVzGCC3YFNphrzntd5TGQesXab08h9lHw1rd4LVDu20ulNX1Ioet3TfF2fpJJvMFU2_M9rEPyyOwHEz78HPtwoj9396pYh-7CwSY6RYD8ZNVxZfxdrg3AydXgran6AVUXOVXgry5WX73yw-zw3s4DWgMevlhkuyqZTc3kJyfWaYqWDv_aVVirspQNoeIPxWBdzPezBMOP7jDiG0miJSRteNcvpBGy7oSnz8fl5h2867t15OynpsHf3eryWfXCcfqHc9usREpW9z-7nMg0Ykup2NrcwFVeFDfrdnaOhaBG5qzF4R3_dW2ziocJix0Lu4hlJtp0H1zS8dJGtpBM6xdIJBafmJnLndS92DwddVSQVNIL8vqFK8CqqMBA3ikmdFTjMA0-BgNwQgu2ozKrPMSCCCfD-N1OKXXAOWtW_uRg5hGRU5hmKUaj437Ko3uJ0jwgKQ1tq6xLR3PA_mV98xXvpkS07lcTYLiGBWglK0yIdCOMF-1uYLL6CJFSDqT2voa9p1s2g5fyI_rqQvjIpZXJQE1dl0-KVDJ1MD5BHJiZ_gMyIFQ0Bat7xx8fO2fQ5hHXcQW3NU0M3MHmqt1iNR7BbkqOhw-79VI4uj1e5hc_aS0uI8JLdmrlLKx4S9DI41dVgU-6_Kric5LQ&cid=CAQSSwBpAlJW8OHePluUtOAsmxDP_Tkm2kHnV7EOC5uIbvaq0SlJhZTrRPJwN_OzrHp1QW-WNX56QNT6ITyZZI0prG40jPxMn6k_LA5vLRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=3372359017751358500&adk=2857193498&idt=82&cac=0&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:46:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:46:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/ Frame 3523 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:41:18 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3523 41 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 268017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3770 8 KB
8 KB 67ms
29ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=286&m=0&partner=100829&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F230107%2F71b4977a54894ba9afd2e3de35efa73f_500x500.png&v=3&w=196&s=eNt0x9SDQVHrcZLFfEk3m8Mp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42986d96f95240f56b65d73b4867947fc7111ffcea44c1fd3093f3a1052778f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 7887
expires: Mon, 29 Jul 2024 05:40:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3770 6 KB
6 KB 55ms
17ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F04%2F10-IN-1-USB-HUB-GEEKOM.webp&v=3&w=400&s=iqnk1mlYPbjcg1UkqiwUdzc9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
content-length: 6114
expires: Tue, 29 Aug 2023 06:12:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3770 0
128 B 54ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dHKn4SfKRi1Yw7CY3_7w0204mEhuriUnrWW-CYR0jcez3W4lL2Yu_GIONRf_m7Fasb6E26mdyTGnfWKD_2Li5MxJQzK40H2E_yRg1O95HSDVaLNw3tX-JmH7MiUF7hPyaPFf-c0DGrQXeuGJEkElREQHF8TsQbq8nuDqTZsGn8BtzHyTs6qPvMVHamCle6SmPGjn_RyUNdtGOtxsxjVgrnmgbGpP50q69RLz--XbSvp33HHrIw9xvfLCBMdXmLQiq_pfVw&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 06:08:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3770 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 06:08:12 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3770 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 06:08:12 GMT

GET
DATA 200
OK truncated
/ Frame 3523 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5bde36a7eda36400f057562274c715a95bac9623b43d10c122166eb4ed98e25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 160B 0
0 44ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308230101&jk=3279634773728220&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame DE7E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 10:48:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 10:48:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CBA3 0
0 53ms
52ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLYb9S4vtZLykOMuk9u8P_rqS8ATJntKxXNX24taTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDA1ODEzNDExODc5MDA2yAEJqQIaTNtWBC2yPuACAKgDAcgDAqoE-AFP0I_X71bx5TbTHBuLQMGubVLgr0Yg_3Qo0eDLRN8jdS0ZCBbZN_sNtY456SObI3iCPJ0uf2LxnmQNxG-gAebL7MX2BRGKMj0_8zrD1wt4r7k1ez9q2wO15IapBh-l9GVG6WH3mzKqmj8G2t_O4oGE5sqNN3CFplWMzVaPGda0JiyZO3oXKHi1IbgjlmLJLj07cSbDxopsddFh93p3aIAIVdbsORij0BjqDFbSK6hAztqso-tSaGFB6_l_G2so5DtPsz1d8No_lek9S_pHxfQAE0UputN4W9ZbDxd8jfC8mt3ul2A0w-686sSwL7Ykhh29Z4rBY6sGG-AEAYAG7ajznMK8-trOAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcdChsSFHB1Yi03MDA1ODEzNDExODc5MDA2GN-2kAE&sigh=56AcwDDDNlk&uach_m=[UACH]&cid=CAQSSwBpAlJW8OHePluUtOAsmxDP_Tkm2kHnV7EOC5uIbvaq0SlJhZTrRPJwN_OzrHp1QW-WNX56QNT6ITyZZI0prG40jPxMn6k_LA5vLRgB&cbvp=2&vis=1
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame CBA3 0
126 B 71ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6DQFcz6RKwCkQGdg2ICAgAAAGD2OmfyvwyncNRnexU8j5wQS4vtZHEqQ92_Q2xdWOkAABIAAAoKQVFVRER3RUJEdw&wp=ZO2LSwAOEjwH_ZJLAASdfuJ3C9y9Rki5TDrloQ&cbvp=2

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:12 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 146986
server: Kestrel
content-length: 0

GET
H3 200 container.html Show response
bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B3E 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Wed, 28 Aug 2024 06:08:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 019A 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:11 GMT
expires: Wed, 28 Aug 2024 06:08:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 59F1 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 171387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/ Frame 2459 6 KB
2 KB 24ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05db26835f8cb4ec5128a4b6a7b47e080d40a022c0b7a37b9555e13f4eb4d657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 542852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1855
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 23:20:40 GMT
expires: Wed, 21 Aug 2024 23:20:40 GMT
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3523 0
0 110ms
55ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssd5LB1G2Ihc_zSKMMcDStPd4zTM6bB6ERkwv63XtbI1ftPEaMIL9SF5hfi4e_IZJro-MH18VCztQOefggRUcIHz7kOExSdKSYwqNdYKyT0NFkXDnZEVl_1OLbgTzMBmwSe6a-0LpqdspRil0Z_hLxuSnWg2Api68jDaLd_P0SHANyURyyp7FMxvc8SpXpHEpFiugfX5rZUOBmZ_OUwNl0vCorjsm6t6-eht7M7OeOSiRe9pxmK3PcDTkR1mQpwRkm88Z12r07nXM--Nf3tM8ucJr753HrIxABV-EnVq1w7-eVvjDIJ18eZOC1ISddPaST5sCVhfxnWczMfmwrBjQFo8sfoM9T5eRHKxnvN0v72FIctz9pzJBK1JnGUQfpLSQ2UKTcbKEHgTM2yUxa-8ixv9t5lOFk2kraw1qxiPsq1h6WWG3jeaKoQ4jxuGXttLP-0hTfQzsabnXIW-WIbbsAKR6fZVJCOqp0HGxFkoMUG3qmIOhY1pycPQSHVG-S7-yF28p7bnJ9KOh3mqkFlnnS_yvMipUMAce_QdXFm1wsobgpcrJrex9FeIk1-GotONiX2Z9lk3h6X-PQ5Xx00ktIhnGnJ7FO_MlIMH8T3itQwm7DmJcjI4BBNl1GEsk3SOCknx_uSTmZLJo-a6HPX0UGddySL3UJomYDwnmjI8KwfjWglifk64TGEAiTcpCe5t9p5r9ZaNiXOaMa6V4ABhP8XOHsVNVGJLxmSHo0NUHINbLhYjAL-YaABkVtAIO03I0HB6zw8cGMpgACJr8cSbvB5LkWhibgKPVzWvTCkHcus0OU5r8fSdc7-CALtRUMQLP8db33ne54yCRzkHoA3fMF9PqDvN_GHcsYCGlPP1xPG47LwFSqleoYW_QbJUg7-nRxHLd3AwloN0E3beMUvxEuDF9uE7jfcJVmuvk4_04-jmMDZUG8-f9zAgP-ZbvwgzzUdE3WkKXwOPG8ImFpY8Gbq2Z2sdEBJTnHZdMo-xmbwQKfXVumImMCKnz-1gStQ4lAXZguiL4k699RrrXtqHmzY3ln4QbUVDQt526s2H-BPgT61_gULCdCGZF4YtgQS4xVDhhXHGrVF1-p_swjk4wsgNanLsX87ER8JlcoLY8wFG7YtGhlUpbqFrVOvsyFf4Ae6DguiNKCeBkndF9jb1QLz138e-xmuQCNHZaWXrYQQ3YBR3C8NqOFEmeC7802tztGl9y0skiYwVFYhAIaeSe68Z6Ou6khrJET_DdcX8FdeW3dNCEU90h63c29oOTp_Y7SjLkSjSd_to_t0NuPahNpblG56A9DjEb-7Z0z373Y9LpjBdM_-lq-qPsKFZ9HJVbUR0Fe0hy7v4wlb5M-GXQ&sai=AMfl-YSilsXSy6GahANJ7ogrpyOaEJy6RKpG1--b6jAYJSu-K1NZLISaE_GesdDH2vnpHHVNGk751gqt6oOIsNXxEZ1PTGZXhQ1Hq3Uy053OSrIkqxn37UeMgVrCPDBWAAQHqmIWF6xianspXVKir6UNdJvV2lzHZETaEXZru0mFPBm4v0Dtngjmd-NXcrzt2l6k2NB0EagXWcM1Uk2Ujl9BG49CVOCwhxr9WHwcrTg3WYFANr-QAWAesC3lyOmzk5DJ8YYmnpQgiGgd4j9xagKbce4wq5-L2-hcmjPovcDIIOyxQE08DlJRDFLH&sig=Cg0ArKJSzDbb-37SkLV8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=321&cbvp=1&cstd=317&cisv=r20230824.26716&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 06:08:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 29 Aug 2023 06:08:13 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 3523
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1450266/71191519/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012305835&ias_pubId=pub-2923577365468476&ias_chanId=1&ias_placementId=20240023183&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_TIvtZN39H5i79u8Pmd-NkAU&cbFunctionName=goog_wrapCb_TIvtZN39H5i79u8Pmd-NkAU&true_pb=https%3A%2F%2Fstatic.adsa...

1 KB
1 KB

6ms
6ms

Script
application/javascript

2600:9000:223f:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_TIvtZN39H5i79u8Pmd-NkAU&cbFunctionName=goog_wrapCb_TIvtZN39H5i79u8Pmd-NkAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date: Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop: FRA56-P5
age: 54311
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Tb5_HWombHnRlZ7VneYDmB91G-pDX1mWuNkHijmnIYWJywATKT8rAw==

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:13 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_TIvtZN39H5i79u8Pmd-NkAU&cbFunctionName=goog_wrapCb_TIvtZN39H5i79u8Pmd-NkAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 037F 91 KB
23 KB 46ms
7ms Script
application/javascript 2600:9000:223f:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 29514717
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: WK42sA2Zftq1bK5gIY9TbFYtdwWA3a4HhHUE07Eb4wpbGWaKayS3Zw==

GET
H3 200 style.css
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/ Frame 2459 3 KB
1 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae5de5acee831856699a26e0bf1b8604c86aa86520468877ee2d6b78dc2b5d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 01:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1205
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Aug 2024 01:34:21 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2459 57 KB
23 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 06:08:13 GMT

GET
H3 200 imagesloaded.pkgd.min.js Show response
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/libs/ Frame 2459 5 KB
2 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/libs/imagesloaded.pkgd.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1810
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/ Frame 2459 6 KB
1 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/js/animation.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

898a979bbff94b56c8e702c6119582a0463b6ad4819f5baa77b4901245700148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1226
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/ Frame BDAD 18 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

990bd1078da63a9ef1d116ee6c63c57347e4444887b9875bbada38c33d4e393a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 600631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4086
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:17:42 GMT
expires: Wed, 21 Aug 2024 07:17:42 GMT
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/ Frame 1B3E 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C57D 143 B
166 B 12ms
9ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 05:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 1B3E 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 1B3E 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:43:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:43:55 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/ Frame 7ACF 18 KB
4 KB 10ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

990bd1078da63a9ef1d116ee6c63c57347e4444887b9875bbada38c33d4e393a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 600631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4086
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:17:42 GMT
expires: Wed, 21 Aug 2024 07:17:42 GMT
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/ Frame 019A 23 KB
9 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFCC 143 B
166 B 14ms
11ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 05:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 019A 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 019A 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:43:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:43:55 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 332ms
99ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3WPU,pingTime:-3,time:181,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:181,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B171~0%5D,as:%5B171~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:54%7D&br=c
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:13 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
216 B 325ms
97ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3WPW,pingTime:-6,time:183,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:183,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B173~0%5D,as:%5B173~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:54%7D&tpiLookup=ao:www.ukr.net*&br=c
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:13 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BDAD 6 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 00:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BDAD 34 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 02:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:17:36 GMT

GET
H3 200 bbc24aa2610d55793a1cafdde9a9bdf2.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/ Frame BDAD 107 KB
30 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/bbc24aa2610d55793a1cafdde9a9bdf2.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee2cf8fc95b93e84dfd115652a944258e28fcedee5da16bc825c1f496f22079c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Aug 2023 07:17:42 GMT
age: 600631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31027
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 07:17:42 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7ACF 6 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 00:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7ACF 34 KB
13 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 02:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:17:36 GMT

GET
H3 200 bbc24aa2610d55793a1cafdde9a9bdf2.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/ Frame 7ACF 107 KB
30 KB 13ms
10ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/bbc24aa2610d55793a1cafdde9a9bdf2.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee2cf8fc95b93e84dfd115652a944258e28fcedee5da16bc825c1f496f22079c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Aug 2023 07:17:42 GMT
age: 600631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31027
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 07:17:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 226ms
98ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3WRA,pingTime:-2,time:285,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:766,beZ:767,mfA:771,cmA:773,inA:773,inZ:779,prA:779,prZ:810,si:819,poA:821,poZ:854,cmZ:854,mfZ:854,loA:948,loZ:952,ltA:1050,ltZ:1050%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:285,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B275~0%5D,as:%5B275~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:54,sinceFw:229,readyFired:true%7D&br=c
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:13 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 59F1 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 10:48:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 10:48:08 GMT

GET
H3 200 bg1.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 138 KB
138 KB 8ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/bg1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab28248d912ddf19e451114e97f6268d835a76f1edb4b7bde07e828e3c5ce0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141095
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 bg2.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 105 KB
106 KB 13ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/bg2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f4919e9f41f216e2b08f49df565838f3abb181682a4c5db2c695d9a591c0043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 01:34:21 GMT
x-content-type-options: nosniff
age: 534832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108013
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Aug 2024 01:34:21 GMT

GET
H3 200 symbol.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 403 B
430 B 15ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/symbol.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c23bbec0e17044d397957cefa1e14af28e961351761b45ad33fc1d1af76d01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 symbol_last.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 253 B
280 B 16ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/symbol_last.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3efe2add813f7a9ed963b9035bbdb8ec5dde4af14a2b4b2182b2e06a33deb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 txt1_L1.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 1 KB
1 KB 17ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt1_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5415289624e0329e0190f00cc084175fc0e1ffa2b359a90345b3c902675fc225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1461
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 txt1_L2.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 1 KB
1 KB 27ms
24ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt1_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46367439a11ba0768567a8306130988e25a83e5fd782dbcb45e267d55c5e068f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 04:46:04 GMT
x-content-type-options: nosniff
age: 4929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Aug 2024 04:46:04 GMT

GET
H3 200 txt1_L3.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 992 B
1019 B 25ms
22ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt1_L3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbe9c2a3218d6b874a0662ab1486c9095f23b49c7d74dd22284a5062bef2ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 992
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 txt1_L4.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 1 KB
1 KB 23ms
20ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt1_L4.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1c623024b1660a46120c4d3b1fbca685b72783376ae4045437bb47b54c281e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1385
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 txt2_L1.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 1 KB
1 KB 24ms
21ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt2_L1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17fe98143a64466708a79b1ffa676ee2c768384390f7671a5ee5b4c224295136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1204
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 txt2_L2.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 1 KB
1 KB 19ms
15ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt2_L2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162b3317d85324d7c25c39af80a42ccdeea4b7a665e98a715738e2098f10d824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1385
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 txt2_L3.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 1 KB
1 KB 20ms
16ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/txt2_L3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

967c027aabceff90dd3e3611d4c9cc95bb835520c85a388bd29a7a0f524be236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1217
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 11 KB
11 KB 29ms
25ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e1c33d7f108a6e534cb38611dcac52f2e6c6480bc2f8d2bfbfc532aab1e0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11074
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 1 KB
1 KB 30ms
26ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a81e95d7f6f0be2cc8b34e6ac1156e468f0e01b179241f596892ff1ea86a03e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1240
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 circle.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 911 B
938 B 27ms
24ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/circle.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb25550f365b8d1d764555ed0f66bc634fc803c8031f9dca22c3b45bf6dc882e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 911
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

GET
H3 200 arrow.png
s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/ Frame 2459 436 B
463 B 29ms
25ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/assets/arrow.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f00ce14d854d9095b5099e0fc07e9c9d32e25491244fb6db051875f484a565e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7776670944150252622/CV~OffTrackTraveler_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~160x600_LN~DE_U1~StandardDisplayBanner_U2~OnTrip/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:21:16 GMT
x-content-type-options: nosniff
age: 49617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 436
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 16:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 16:21:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3523 0
20 B 43ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=TIvtZN39H5i79u8Pmd-NkAU&p=ias&bl=0&twt=818&st=498

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
222 B 86ms
85ms XHR
text/plain 209.205.197.154
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/OSala/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Tue, 29 Aug 2023 06:08:13 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C57D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
19ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:13 GMT
expires: Tue, 29 Aug 2023 06:08:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFCC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
19ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:13 GMT
expires: Tue, 29 Aug 2023 06:08:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:08:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1B3E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0Vt9RwKBtrY4tpuR9fkjnwLV9Rh9XuHUGFsUUVqyUeZVKdxiLCbgN8GNMDOgxXYCAF8XLV02L4mpYizkc3dakGI0ZXg
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B3E 181 KB
57 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 06:08:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 019A 0
0 15ms
15ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSC8jbEnCS5lCbToKAb0dMTXq3X7Bm9Aq3iRG_FuReqwo2tuCy1ZXTT7xMMmswo-p7J3JJ5FqbJwAP_pCSmT938WR6SOg
Requested by: Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 019A 181 KB
57 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 06:08:13 GMT

GET
DATA 200
OK truncated
/ Frame 1B3E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 977284b17a0c0a88cef72e05980643db08170c96649196526b1b7eb5925f08ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3523 0
0 44ms
43ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssd5LB1G2Ihc_zSKMMcDStPd4zTM6bB6ERkwv63XtbI1ftPEaMIL9SF5hfi4e_IZJro-MH18VCztQOefggRUcIHz7kOExSdKSYwqNdYKyT0NFkXDnZEVl_1OLbgTzMBmwSe6a-0LpqdspRil0Z_hLxuSnWg2Api68jDaLd_P0SHANyURyyp7FMxvc8SpXpHEpFiugfX5rZUOBmZ_OUwNl0vCorjsm6t6-eht7M7OeOSiRe9pxmK3PcDTkR1mQpwRkm88Z12r07nXM--Nf3tM8ucJr753HrIxABV-EnVq1w7-eVvjDIJ18eZOC1ISddPaST5sCVhfxnWczMfmwrBjQFo8sfoM9T5eRHKxnvN0v72FIctz9pzJBK1JnGUQfpLSQ2UKTcbKEHgTM2yUxa-8ixv9t5lOFk2kraw1qxiPsq1h6WWG3jeaKoQ4jxuGXttLP-0hTfQzsabnXIW-WIbbsAKR6fZVJCOqp0HGxFkoMUG3qmIOhY1pycPQSHVG-S7-yF28p7bnJ9KOh3mqkFlnnS_yvMipUMAce_QdXFm1wsobgpcrJrex9FeIk1-GotONiX2Z9lk3h6X-PQ5Xx00ktIhnGnJ7FO_MlIMH8T3itQwm7DmJcjI4BBNl1GEsk3SOCknx_uSTmZLJo-a6HPX0UGddySL3UJomYDwnmjI8KwfjWglifk64TGEAiTcpCe5t9p5r9ZaNiXOaMa6V4ABhP8XOHsVNVGJLxmSHo0NUHINbLhYjAL-YaABkVtAIO03I0HB6zw8cGMpgACJr8cSbvB5LkWhibgKPVzWvTCkHcus0OU5r8fSdc7-CALtRUMQLP8db33ne54yCRzkHoA3fMF9PqDvN_GHcsYCGlPP1xPG47LwFSqleoYW_QbJUg7-nRxHLd3AwloN0E3beMUvxEuDF9uE7jfcJVmuvk4_04-jmMDZUG8-f9zAgP-ZbvwgzzUdE3WkKXwOPG8ImFpY8Gbq2Z2sdEBJTnHZdMo-xmbwQKfXVumImMCKnz-1gStQ4lAXZguiL4k699RrrXtqHmzY3ln4QbUVDQt526s2H-BPgT61_gULCdCGZF4YtgQS4xVDhhXHGrVF1-p_swjk4wsgNanLsX87ER8JlcoLY8wFG7YtGhlUpbqFrVOvsyFf4Ae6DguiNKCeBkndF9jb1QLz138e-xmuQCNHZaWXrYQQ3YBR3C8NqOFEmeC7802tztGl9y0skiYwVFYhAIaeSe68Z6Ou6khrJET_DdcX8FdeW3dNCEU90h63c29oOTp_Y7SjLkSjSd_to_t0NuPahNpblG56A9DjEb-7Z0z373Y9LpjBdM_-lq-qPsKFZ9HJVbUR0Fe0hy7v4wlb5M-GXQ&sai=AMfl-YSilsXSy6GahANJ7ogrpyOaEJy6RKpG1--b6jAYJSu-K1NZLISaE_GesdDH2vnpHHVNGk751gqt6oOIsNXxEZ1PTGZXhQ1Hq3Uy053OSrIkqxn37UeMgVrCPDBWAAQHqmIWF6xianspXVKir6UNdJvV2lzHZETaEXZru0mFPBm4v0Dtngjmd-NXcrzt2l6k2NB0EagXWcM1Uk2Ujl9BG49CVOCwhxr9WHwcrTg3WYFANr-QAWAesC3lyOmzk5DJ8YYmnpQgiGgd4j9xagKbce4wq5-L2-hcmjPovcDIIOyxQE08DlJRDFLH&sig=Cg0ArKJSzDbb-37SkLV8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=935&vt=11&dtpt=614&dett=3&cstd=317&cisv=r20230824.26716&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 06:08:13 GMT

GET
DATA 200
OK truncated
/ Frame 019A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6467001125b3d4ce07365fdf743cba5389948519ddec365b8bf0a97d51b9694b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame BDAD 6 KB
1 KB 64ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/bbc24aa2610d55793a1cafdde9a9bdf2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1487742b032e8539ef06be11ac891ebac4efa9010d1bbe2ee9cae83f5c3d2f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 06:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 06:08:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 06:08:13 GMT

GET
H3 200 b07eaa15a05ed6ae0101e519581fbe22.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame BDAD 77 KB
77 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b07eaa15a05ed6ae0101e519581fbe22.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7344b8e78bfba6e5edea74fc985ff1f3cfca381f0efc2c3ba58c7e4b87664c6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 22 Aug 2023 07:17:42 GMT
x-content-type-options: nosniff
age: 600631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78788
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 07:17:42 GMT

GET
H3 200 b41a1329f756edd4e785afb93ec80a40.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame BDAD 4 KB
4 KB 14ms
14ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b41a1329f756edd4e785afb93ec80a40.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aeba033d4f2bd0703a050b7282d982e7026a738c9bed8a6cbe9cbe1cdbb8bf9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 27 Aug 2023 08:51:02 GMT
x-content-type-options: nosniff
age: 163031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4191
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Aug 2024 08:51:02 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBA3 42 B
174 B 48ms
43ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjSCY9SzO_fsIY9DVwhsKtyIErv4qgOSrpuqG8REg1CHw1LMUOK86DiRxoeLux7uzBmULPwDqBj0JyZrAnXmJm_Mca4ezM2vTW1SOR&sig=Cg0ArKJSzAZWLM8NPAafEAE&id=lidar2&mcvt=1123&p=446,995,591,1295&mtos=1123,1123,1123,1123,1123&tos=1123,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=216364347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693289292300&rpt=275&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b07eaa15a05ed6ae0101e519581fbe22.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame 7ACF 77 KB
77 KB 12ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b07eaa15a05ed6ae0101e519581fbe22.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/bbc24aa2610d55793a1cafdde9a9bdf2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7344b8e78bfba6e5edea74fc985ff1f3cfca381f0efc2c3ba58c7e4b87664c6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 22 Aug 2023 07:17:42 GMT
x-content-type-options: nosniff
age: 600631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78788
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 07:17:42 GMT

GET
H3 200 b41a1329f756edd4e785afb93ec80a40.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame 7ACF 4 KB
4 KB 16ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b41a1329f756edd4e785afb93ec80a40.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/bbc24aa2610d55793a1cafdde9a9bdf2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aeba033d4f2bd0703a050b7282d982e7026a738c9bed8a6cbe9cbe1cdbb8bf9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 27 Aug 2023 08:51:02 GMT
x-content-type-options: nosniff
age: 163031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4191
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Aug 2024 08:51:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7ACF 6 KB
868 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/bbc24aa2610d55793a1cafdde9a9bdf2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1487742b032e8539ef06be11ac891ebac4efa9010d1bbe2ee9cae83f5c3d2f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 06:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 06:08:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 06:08:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3770 0
127 B 26ms
20ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 06:08:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame BDAD 15 KB
15 KB 106ms
30ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 335117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 09:02:57 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame BDAD 14 KB
15 KB 339ms
264ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:33:46 GMT
x-content-type-options: nosniff
age: 376468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 21:33:46 GMT

GET
H2 200 j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqXNRU.woff2
fonts.gstatic.com/s/frankruhllibre/v20/ Frame BDAD 15 KB
15 KB 340ms
266ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v20/j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqXNRU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6088039b372b387039f5665d828dde196b63dbc103042f071ed2136ed16e818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:40:28 GMT
x-content-type-options: nosniff
age: 530866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 15:17:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 02:40:28 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7ACF 15 KB
15 KB 309ms
260ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 335117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 09:02:57 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7ACF 14 KB
15 KB 326ms
278ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:33:46 GMT
x-content-type-options: nosniff
age: 376468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 21:33:46 GMT

GET
H2 200 j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqXNRU.woff2
fonts.gstatic.com/s/frankruhllibre/v20/ Frame 7ACF 15 KB
15 KB 337ms
289ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v20/j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqXNRU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6088039b372b387039f5665d828dde196b63dbc103042f071ed2136ed16e818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:40:28 GMT
x-content-type-options: nosniff
age: 530866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 15:17:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 02:40:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DE7E 0
11 B 17ms
16ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NvVzpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 115ms
102ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3X3K,pingTime:-10,time:1040,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693289294092%7C%7Cf03beb05c17b9cdd47b44c154f89b9f6%7C%7Cf3b2a520b07e1265656cdb121718396d%7C%7Caefcd74ec00ff0093774e416dd9b0048%7C%7C19323bd4d2901cd7356172796251a2a6%7C%7C1b123d22254600bc9cd76eaf347bb444%7C%7C77c10f964d05df5ca6b6d47df1b104a8%7C%7Cffcb9bab1bdd3237ec2e5dcc5b8f5850%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:14 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3523 42 B
64 B 53ms
44ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIG9vIgTlRFcBJBadOZZZzWrJjQMX6u90b87Nuci97VFga8DNuZlufiRRE9vf6wHCJPJdC-WbpvjiIXsPYUGCGz4TMp6Yn-8gdhV6IEJB6ew20kqME8xnKJ5xiNRFtNdY&sai=AMfl-YTZaY4qsbD9t8RJQRGYB41EittxzqcRU5sMKwoURWRv8lBWTliPgArxS_M4dJlC8zBY2hybzCt4LdqunQwuz2-d-Wyt56d6SDzhZKtffQuSXF2Vj45yZ4oR5kKtOXSZCjyv33169J4cU-Pm&sig=Cg0ArKJSzFptvhKFZ8HQEAE&cid=CAQSSwBpAlJW8OHePluUtOAsmxDP_Tkm2kHnV7EOC5uIbvaq0SlJhZTrRPJwN_OzrHp1QW-WNX56QNT6ITyZZI0prG40jPxMn6k_LA5vLRgB&id=lidar2&mcvt=1081&p=89,249,129,290&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3371586687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693289292287&rpt=439&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1B3E
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5kWlTIvtZOiIG4v67_UPy7632AOon_O5ctrKqtuzEdzZHhABIOefw5kBYJXikIKgB6ABy-H4lwPIAQmpAnoid4ZvEmg-4AIAqAMByANIqgSLAk_Qu3L3eVXF5QZAzWCDKdK7tiyJQrMY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22498939257094922453%22,%22debug_reporting%22:true,%22destination%22:%22https://zaridtesi.cz%22,%22event_report_window%22:%2...

0
0

63ms
40ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22498939257094922453%22,%22debug_reporting%22:true,%22destination%22:%22https://zaridtesi.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22855519435%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221612784529938473841%22}&andc=true

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"498939257094922453","debug_reporting":true,"destination":"https://zaridtesi.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["855519435"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"1612784529938473841"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 06:08:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"498939257094922453","debug_reporting":true,"destination":"https://zaridtesi.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["855519435"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"1612784529938473841"}&andc=true
access-control-allow-origin: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 53ms
52ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5kWlTIvtZOiIG4v67_UPy7632AOon_O5ctrKqtuzEdzZHhABIOefw5kBYJXikIKgB6ABy-H4lwPIAQmpAnoid4ZvEmg-4AIAqAMByANIqgSLAk_Qu3L3eVXF5QZAzWCDKdK7tiyJQrMY1sTFGLZgD_QzPA0y0ht6YxUFf0pqTtOSu3EGpwWgHv6KQ_GtAW8IXqoPnBsXUygbXiA-DGOl8WpStv2j4Pl2qBlgaQBfCFtLkZaOmx2Ca1g3Y6mVs2Kaxyct_RWu4BgR7ry1y9sV29hedaebGRnsqMGNO9qpE5u4zWbX9bMza_rICwwWAc6k6rEW1-yVxmKPZtPSsBHa-6cMB5oc9i2K1lA-LtLAwHzEAc8ejgMNdBKB2PFk3yFoH1EwZtIYeNAIPunXIDnJMPcZEgkmYrFXjjL1BnwpcxuQgOVV7DUrhX-VkXMdQHMNNk_jX0Bi-GeHMY7gpMAEm_-s058E4AQBiAWu1rusQZIFBAgEGAGSBQQIBRgEoAYugAednodoqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ84VG0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJFGh0dHBzOi8vemFyaWR0ZXNpLmN6gAoDyAsB2BMN0BUBmBYBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=5w3BpAanF5Y&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWmZ7qiLlg5t6xjzrxU4DBo2bTg5wZZJy4WAN766kdCTbhTdgTsNwF_SkW5u89mUbvIjFzpeHrGAE&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 06:08:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b07eaa15a05ed6ae0101e519581fbe22.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame BDAD 77 KB
77 KB 9ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b07eaa15a05ed6ae0101e519581fbe22.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7344b8e78bfba6e5edea74fc985ff1f3cfca381f0efc2c3ba58c7e4b87664c6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 22 Aug 2023 07:17:42 GMT
x-content-type-options: nosniff
age: 600632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78788
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 07:17:42 GMT

GET
H3 200 b41a1329f756edd4e785afb93ec80a40.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame BDAD 4 KB
4 KB 24ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b41a1329f756edd4e785afb93ec80a40.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aeba033d4f2bd0703a050b7282d982e7026a738c9bed8a6cbe9cbe1cdbb8bf9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 27 Aug 2023 08:51:02 GMT
x-content-type-options: nosniff
age: 163032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4191
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Aug 2024 08:51:02 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame BDAD 20 KB
20 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:41:53 GMT
x-content-type-options: nosniff
age: 257181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20616
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:41:53 GMT

GET
H2 200 j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqZNRVGEQ.woff2
fonts.gstatic.com/s/frankruhllibre/v20/ Frame BDAD 8 KB
8 KB 37ms
0ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v20/j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqZNRVGEQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16158d79abfa1a73a04bafb68da3f0a585fe3d1f85f3a064c48ed8f59d44ad1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:25:34 GMT
x-content-type-options: nosniff
age: 297760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8148
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 15:15:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 19:25:34 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 019A
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C9_soTIvtZOqIG4v67_UPy7632AOon_O5cs25mqaCEdzZHhABIOefw5kBYJXikIKgB6ABy-H4lwPIAQmpAnoid4ZvEmg-4AIAqAMByANIqgSOAk_Q1ghbyseQ_uJm1mzFCQ0spA7Q8o3F...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212418913345127540339%22,%22debug_reporting%22:true,%22destination%22:%22https://zaridtesi.cz%22,%22event_report_window%22:...

0
0

62ms
40ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212418913345127540339%22,%22debug_reporting%22:true,%22destination%22:%22https://zaridtesi.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22855519435%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222929339779582106113%22}&andc=true

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12418913345127540339","debug_reporting":true,"destination":"https://zaridtesi.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["855519435"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"2929339779582106113"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 06:08:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12418913345127540339","debug_reporting":true,"destination":"https://zaridtesi.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["855519435"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"2929339779582106113"}&andc=true
access-control-allow-origin: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 46ms
42ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C9_soTIvtZOqIG4v67_UPy7632AOon_O5cs25mqaCEdzZHhABIOefw5kBYJXikIKgB6ABy-H4lwPIAQmpAnoid4ZvEmg-4AIAqAMByANIqgSOAk_Q1ghbyseQ_uJm1mzFCQ0spA7Q8o3F2fURkdTbAjBUmVgcKaA3A6gNEdG_EzfcMX_3GbnoxtdANsqncidP_28cQRWrDgO-fUeFZeDQ4vwmFKvHjWQk62h_WB31esfGlH3bXF3MtHkOCc5yT63sfl8D4alHQwugNGxByd96EjuNdoxCafow4HWC1YQOXCRYr46q6RTO4BGBksXFuB_mR8SdLfsSrDbnyGpsvkpTumBGSrjKc74FQn_OJGbcMARJl6wBFF-YDx0flXllpA1kWB6lsG_Dzjkr-2tosPdlYwLPoTij9lprQRFmObOHJ5dUyHLzcucpb_1VH-eXpts556uq4oeNWjBw0PktLwzn1sAE44Ct058E4AQBiAWu1rusQZIFBAgEGAGSBQQIBRgEoAYugAednodoqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ7IcO0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJFGh0dHBzOi8vemFyaWR0ZXNpLmN6gAoDyAsB2BMN0BUBmBYBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=5EUPEThreoU&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWmZ7qiLlg5t6xjzrxU4DBo2bTg5wZZJy4WAN766kdCTbhTdgTsNwF_SkW5u89mUbvIjFzpeHrGAE&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 06:08:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59F1 0
20 B 49ms
46ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLYndTIvtZN39H5i79u8Pmd-NkAUAAAAAOAHgBAI&bg=!srGlsf7NAAYkVgHwBFY7ADQBe5WfOB35QXpIpqVtKCsoiZhomZX8HFb-ehcgmGhTQtnhqERf66m67J5DR_Jltb-nbpy1AgAAAolSAAAAOWgBB5kDACzgjKNFH-WFrg8bUGpYKOVYFyTiBc7fiP9q2TNnhr5Ee_VMex4LClWGF-ioOl8xCRgrh5mD4Fr2Dgd3Ap7LKBnVLvLTWfUazA5DSrbJ4Xb8rujbJS4N43x4UQROtXbinpx9VGwQfB0MPYAf-urVs8V-tjuJ_TBWsZ_cv_Fwd02sNBgHrNzaKFgFMWXU47Px3mIrbCGAlsQyopbkeRbrKBBfis1HbfPri3CVnLsTjunsvaEMD_lzH9Ves7fdHPAX0HwHyRjmS2kIQ4GFtxYLfBdU84fLxpA9fRThly6EBcYquV6s4mRHyf2lDofGNEjWfp8wxqsx7g5sm6sf35xiW7rRsKeBnyq0-q6Sqr_yma8GQAzVASIa-gew7QjisKZaFFMrC-vzTGYguXfUyJ0opap10GY0RlRPoJcSZomKlhSUW_bS7QXF8IuCin73eUgEsHx6b0t7bRLwYpn600VzydV-JIqr7LiZXFWlgWiFMFIxJfYII6Ve3T7Gkq_8YUEzFsvzLAJ22iLpPPJd-HAvEBVchwudD4ZHfNaurrf8TApjGF3yLRbVp2apekX8NxBZNNPwM2e6w_UoOR7C8UaF657KjUp0hqt6QBYIj1G4SCsVuxxnoXPJ94TBXjAXiOZ4TzZEAqkNmtBssgUIrBB-JVUrLDscn7zZkcTcO6DZD3H98lNJlhlNAlbV2Amak3j4BJRKCelaIu1Xk_uXY_68qXeMikeLXoHZczqUlzxzgsN01uU9p9V_1mEg5JQ2-C2b2kpPps0OvFxvBodI_nk-9YeGWaL4cVB4pued4t3ok3BmxyU-LWyPv51k6DWHd3Ddm3TybqBkVS9czpH5MXZQ67wgjvpl05Nm9A6LaCSaNZqga91qlfc7N3f2Vk5azUi4MtX8odMOykD5N33TGO00FnmGyDeTJD2PLSoeA9mEQ2lzDBU5NMG2p4d6lkf_OaHteCohbOoc_tgVGnoznglLS6aT23aORtqFn0Bh2HYWCPEvBS1-qC_1CQ374rIAgH_36w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b07eaa15a05ed6ae0101e519581fbe22.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame 7ACF 77 KB
77 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b07eaa15a05ed6ae0101e519581fbe22.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7344b8e78bfba6e5edea74fc985ff1f3cfca381f0efc2c3ba58c7e4b87664c6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 22 Aug 2023 07:17:42 GMT
x-content-type-options: nosniff
age: 600632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78788
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 07:17:42 GMT

GET
H3 200 b41a1329f756edd4e785afb93ec80a40.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/ Frame 7ACF 4 KB
4 KB 13ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11723638967565356269/media/b41a1329f756edd4e785afb93ec80a40.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aeba033d4f2bd0703a050b7282d982e7026a738c9bed8a6cbe9cbe1cdbb8bf9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 27 Aug 2023 08:51:02 GMT
x-content-type-options: nosniff
age: 163032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4191
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 14:46:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Aug 2024 08:51:02 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7ACF 20 KB
20 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:41:53 GMT
x-content-type-options: nosniff
age: 257181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20616
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:41:53 GMT

GET
H3 200 j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqZNRVGEQ.woff2
fonts.gstatic.com/s/frankruhllibre/v20/ Frame 7ACF 8 KB
8 KB 17ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v20/j8_96_fAw7jrcalD7oKYNX0QfAnPcbzNEEB7OoicBw4iZmqZNRVGEQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400|Source+Sans+Pro:600|Frank+Ruhl+Libre:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16158d79abfa1a73a04bafb68da3f0a585fe3d1f85f3a064c48ed8f59d44ad1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:25:34 GMT
x-content-type-options: nosniff
age: 297760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8148
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 15:15:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 19:25:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 103ms
103ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3X8U,time:1359,type:e,im:%7Bpci:%7Btdr:1051%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:44,o:1315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1306~0,0~100%5D,as:%5B1306~160.600%5D%7D%7D,%7Bsl:i,t:1315,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B43~100%5D,as:%5B43~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:161,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:54,sis:412%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:14 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 68ms
41ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 06:08:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 66ms
41ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 06:08:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame BDAD 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 10:48:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 10:48:08 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7ACF 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 10:48:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 10:48:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308230101&jk=3279634773728220&bg=!kpGlkd7NAAYkVgHwBFY7ADQBe5WfOGQdOpJu10vqXX5KdCvcFxJUgAnr3hd7HVQWNA8PRapZbt3-EQg6VoSQXvRsN_5RAgAABHJSAAAACWgBB5kCtpKNHWXm0dpDvBPxfwyXbHZns9qNkhhj6h9EmGuEvroYg6b-aw9CKrQ5zGVkI1F8Vu3fTwnxxVt9r3IKzp2NyMnj7QL4OSoQMipgAo9SaV6xMdjdF7Or7H6e6aKzeeB8wr4lOPaTQl-jfazGO9Yc5_WokJcPZCtrzZVD6SsSBT29mHOVUsNQ2wtCfgSFbIYLjUKXH75JB3h5mD4tp6SzinXPnLGzsBp5-aVj7Yyr9mkM78br4YeInosB6cVv3YI-FZsox47qmkOXj7mcgR6ziGRvgi27gml2FOptZPasGndVg4HBWnkg-WDDlxaHvWQIzObFff8aQlMJE3mrIOtZg4AhOGiGKaTCsmMI6pq8s7VzSyoYnFhbHwLenwTzFAKbdAPYlnF9qsmW_xVv77vJSIBocQqyTqbyWI4joliF6sjkGZFPu_-6PP_IOaFR0NSYZ6v96BE9JriWS2u8EpmirI1cD6QfYypFAALT2LtGFlS3sy-OhE4v21psbBtBu9APWqarECQi0o6MxO3-llKyGx4CC8dPDcOySGfGwOT8KpNouM2S0rF86IMjPoxHm2yfSTcewBv3pWR993H0iRWlkv_w-jdvhiVrPKW1iuoHYfbMYBj27R2-JBaRgiDllRpJOd9q66CMN8lcoKVU3uq39XmMfg0Nc20toS80VCksj5gugaSWqrp1w26ajotnUfiA1H26YzbibcnZ_0eJJXvbfX2PAv_3qd-VNr8NYtCckvgxRMVddJqE5T0mF6y57VwecMr5pe_FG72RNrXtsW-pzNu5ubxFn85vvGS1c1Ir6a9n_WSeKbWNGTtbR14IPIdumWE4tEMdb1zSJtvISpPRjfsyULcHzdbp_fjJtDnnnqjv1W9ei7FoEE1OERrdBPBXfW9ZWn4r5gyxGjkUTPA6LjRZLVdEVsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B3E 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcFYTyKG9yleyhqEEWC1ll3MkDyCAEUgQ5Fp9zhnkTP4oQEw_bVQZg2PhLjds1AIQyOn-mE11agT92xmpSmyrkWThKHdOwdei8mHQCVXJ8hE0EWkrtQCDNx96s6oL_Zzl7YFr0m5PANSO6&sai=AMfl-YTSsE8IOcOJ4KOEViwi__VOqCncLDROomnoNBdJutvxhIKeRUfhaehgFnJ00ZgSV8y6UW3kRkh0UOMl5yybTdUVvyS8YPa7PJVtrlGcDSaGO30kWQDEeaTlqEA&sig=Cg0ArKJSzFQUQU6rc3XyEAE&cid=CAQSOwBpAlJWmZ7qiLlg5t6xjzrxU4DBo2bTg5wZZJy4WAN766kdCTbhTdgTsNwF_SkW5u89mUbvIjFzpeHrGAE&id=lidar2&mcvt=1001&p=196,995,796,1295&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2774844501&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693289292880&rpt=840&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3523 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7253721891003&version=m202307240101&ct=76&x=1&cor=3372359017751358500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 99ms
98ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3Xov,pingTime:1,time:2326,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:52%7D,%7Bpiv:100,vs:i,r:,t:1315%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1011,o:1315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1306~0,0~100%5D,as:%5B1306~160.600%5D%7D%7D,%7Bsl:i,t:1315,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1011~100%5D,as:%5B1011~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:235,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:54,sis:412%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:15 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 97ms
97ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3Xow,pingTime:1,time:2327,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:52%7D,%7Bpiv:100,vs:i,r:,t:1315%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1012,o:1315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1306~0,0~100%5D,as:%5B1306~160.600%5D%7D%7D,%7Bsl:i,t:1315,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1011~100%5D,as:%5B1011~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:235,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:54,sis:412%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:15 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 100ms
99ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3Xox,pingTime:1,time:2328,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:52%7D,%7Bpiv:100,vs:i,r:,t:1315%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1013,o:1315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1306~0,0~100%5D,as:%5B1306~160.600%5D%7D%7D,%7Bsl:i,t:1315,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1012~100%5D,as:%5B1012~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:235,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:54,sis:412,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:15 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 100ms
99ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3YqS,pingTime:5,time:6317,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:52%7D,%7Bpiv:100,vs:i,r:,t:1315%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1306~0,0~100%5D,as:%5B1306~160.600%5D%7D%7D,%7Bsl:i,t:1315,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:105,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:54,sis:412%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:19 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3523 43 B
215 B 98ms
97ms Image
image/gif 2600:1f18:1aca:4281:e23d:b574:de50:7cc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=bdb054b7-2534-560d-7139-685989bfd1c7&tv=%7Bc:mF3YqS,pingTime:5,time:6317,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:52%7D,%7Bpiv:100,vs:i,r:,t:1315%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1306~0,0~100%5D,as:%5B1306~160.600%5D%7D%7D,%7Bsl:i,t:1315,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:105,fm:tOiFjfT+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18*.1450266-71191519%7C181%7C182%7C183%7C191%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:54,sis:412%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e23d:b574:de50:7cc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 06:08:19 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 all
csm.eu.criteo.net/ Frame 3770 0
127 B 16ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 06:08:19 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

295 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukr.net/	1970-01-20 14:21:31	Name: __cf_bm Value: VDeYbwlKtDtyHTqP5HAVyeCWAgMQ9HNlMJfo83Vkp9k-1693289290-0-Ac7gJThr96sg8SOnrdvVEdSz+LANGvxtLu9c09aUCJi47e4aTLclbubfM4NrYgCJcnb08CiUvLN2NRCNIll67Qk=
.ukr.net/	1970-01-20 23:07:05	Name: news_lang Value: ua
.ukr.net/	1970-01-20 23:07:05	Name: un_news_region Value: 9
.ukr.net/	1970-01-20 23:07:05	Name: snr Value: 9
.ukr.net/	1970-01-20 23:07:05	Name: scr Value: 9
.ukr.net/	1970-01-20 23:07:05	Name: sfr Value: 9
.ukr.net/	1970-01-20 23:07:05	Name: uid Value: Cj1tBGTti0qBf3r9BaWzAg==
.fwdcdn.com/	1970-01-20 14:21:31	Name: __cf_bm Value: dzPhJEBbOltklPhko3GVZGEabgqobuoH0xP.IXGVBiM-1693289290-0-AawVBysE4AOHsQtKCPUjK2yLo8Gd7cun9L0Z7wYJDrM3wtJ31FIMl7LRUAOluu4cx7Tld8fCMs2AZKYzeqpRfCM=
.mgid.com/	1970-01-20 14:21:31	Name: __cf_bm Value: gl4N_gbDQ3BlKT_VjySBxRLpngJPtGU_V812HRnfigg-1693289291-0-AbmX5Duy+EqtjuOU0EBqsHLHZ/30ZHqR+6Wj5d8Vj0xUVW5JAIiD1YYQ7j1uK72RUSbXcaPVHWQtp6+zGDMfdmY=
.ukr.net/	1970-01-20 23:07:05	Name: tracknew Value: 1693289291104323.1693289291.1
www.ukr.net/	1970-01-20 21:06:29	Name: cbtYmKname Value: 360b17304b62cf05
m.mixadvert.com/	1970-01-20 14:21:29	Name: 2a18da0e0de8b02066d7c7c246925ec3 Value: 444319
m.mixadvert.com/	1970-01-20 14:22:55	Name: 809479d442ade21e2935a6ad9c331950 Value: 1
.ukr.net/	1970-01-20 23:07:05	Name: fuelId Value: 4
loadercdn.net/	1970-01-20 23:57:29	Name: vui Value: 355a770e2d03460591ff54760bb36ae6
.ukr.net/	1970-01-20 23:57:29	Name: _ga_75WQ2FHNW7 Value: GS1.1.1693289291.1.0.1693289291.60.0.0
.ukr.net/	1970-01-20 23:57:29	Name: _ga Value: GA1.1.538104153.1693289292
www.ukr.net/	1970-01-20 15:04:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.go.rcvlink.com/	1970-01-20 23:57:29	Name: cache Value: tp7c7d3ZvG763h0
.ukr.net/	1970-01-20 23:07:05	Name: _pubcid Value: d6528505-85f6-4fdc-92e2-1f3c6b1957fe
.ukr.net/	1970-01-20 23:07:05	Name: pcity Value: 102925533
.criteo.com/	1970-01-20 23:43:05	Name: uid Value: f1568298-346e-4d47-8b7b-f6830a0fa42b
.ukr.net/	1970-01-20 23:43:05	Name: cto_bundle Value: tklkR190NWdyclBwTzNta0REeHc2ZTN2YnlreEFKVkt1cmVua3Z5VmkyJTJCMSUyQlRDc3ZrRiUyRlpBaDFENCUyQnp2aldKbkhsaFVMUEpGYUhyVUpQQnVES0RmbloyN1ZHOVZOd3Q5YVJUdWNiS0YlMkZMc3MwTkljZ1VveUl2bHJCb1VjUHBDbFpscGsyT3UlMkZhZnRwVXNBRk1UbGRRWVlCaEElM0QlM0Q
.ukr.net/	1970-01-20 23:43:05	Name: __gads Value: ID=75f8ffadb035a2ba:T=1693289291:RT=1693289291:S=ALNI_May8SaHfOa1Py9y88tYK3hnSqbUWg
.ukr.net/	1970-01-20 23:43:05	Name: __gpi Value: UID=00000c69bb41d351:T=1693289291:RT=1693289291:S=ALNI_MbqMXmrSKGxkWFWcYwtNYDt6slQeQ
.casalemedia.com/	1970-01-20 23:07:05	Name: CMID Value: ZO2LTPdiQa3tLolNj75fzgAA
.casalemedia.com/	1970-01-20 16:31:05	Name: CMPS Value: 1183
.casalemedia.com/	1970-01-20 16:31:05	Name: CMPRO Value: 1183
.adnxs.com/	1970-01-20 16:31:05	Name: uuid2 Value: 4019667850800193345
.adnxs.com/	1970-01-20 16:31:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$IrD22_!]tbPl1M>e)ZlrFUfJ+tGXxoXIQ3^DC]bu3>6knt](naNXpEA^_.zhElUt3?3If)y3KL9D3I?+O4H`j/
.doubleclick.net/	1970-01-20 18:40:41	Name: APC Value: AfxxVi6eSCdRY3T2j1tcr5IC8kEYZP_iYSLcGx09hdf9niYlADH4zw
a4p.adpartner.pro/	1970-01-20 15:47:53	Name: apuid Value: 488bc20d-700d-49dc-b26b-349e5e331e91
.adtelligent.com/	1970-01-20 15:50:46	Name: vmuid Value: ca3fda87168c4f92
.adtelligent.com/	1970-01-20 15:50:46	Name: a307558 Value: 488bc20d-700d-49dc-b26b-349e5e331e91
.doubleclick.net/	1970-01-20 23:43:05	Name: IDE Value: AHWqTUn884hE3Ofeu_cGME4K96nV4Aa7nT2urbH-8EMh34-CJa4qnryyu18e6om9dpQ
.trafmag.com/	1970-01-20 23:57:29	Name: vid Value: 6517739841803813
cookies.nextmillmedia.com/	1970-01-20 14:31:34	Name: NMUID Value: csuid_021d71a3-96ad-4f10-a11c-81f4b342c79e
.doubleclick.net/	1970-01-20 14:21:32	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:31:05	Name: ar_debug Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.ukr.net/api/v1/token/verification/acquire Message: Failed to load resource: the server responded with a status of 599 ()
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11723638967565356269/index.html".
security	error	URL: https://bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11723638967565356269/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
accounts.ukr.net
ads.eu.criteo.com
ap.lijit.com
bd299e5102a25ab098c418ee9e72e6d4.safeframe.googlesyndication.com
cat.fr3.eu.criteo.com
cm.g.doubleclick.net
cookies.nextmillmedia.com
counter.ukr.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
ghb.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
imageproxy.eu.criteo.net
loadercdn.net
m.mixadvert.com
mail.ukr.net
mug.criteo.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
player.adtcdn.com
player.adtelligent.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s.zfctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
trafmag.com
ukr.net
upst.fwdcdn.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ukr.net
zakladki.ukr.net
104.18.8.128
104.18.9.128
136.243.84.75
142.250.181.226
142.250.186.162
147.135.189.55
172.217.16.194
178.250.1.11
178.250.7.9
185.187.81.40
185.187.81.41
185.239.172.77
185.80.39.216
185.89.210.46
193.200.65.2
193.200.65.5
2001:4860:4802:32::36
209.205.197.154
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
216.52.2.30
2600:1f18:1aca:4281:e23d:b574:de50:7cc2
2600:9000:223f:6a00:8:48e:53c0:93a1
2606:4700:1::6813:824c
2606:4700::6810:3965
2606:4700::6812:509
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::200a
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c03::9d
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a02:2638:d::d
2a06:98c1:3120::3
44.193.144.116
45.133.44.4
51.83.220.94
99.80.174.177
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0225ad148a6425c6d2ee72866d2a7d340849c8ee78ad8e569f6b24c7f361e318
05db26835f8cb4ec5128a4b6a7b47e080d40a022c0b7a37b9555e13f4eb4d657
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
08fc807b6f0761f04903226d1362561623318797ff556534439d94a6810aa979
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a2fd80b28a2af0016d70a68b8e523bc3c4736b4f5b9370e45d266bc1c06a6e6
0ac219692655d2974b5ed91235af5e9542f8158ad76892538d4cc7ce683cb649
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513
1487742b032e8539ef06be11ac891ebac4efa9010d1bbe2ee9cae83f5c3d2f15
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
159610fca2ef77dd04e533542154e5afecabeffe50633e7f4c194c8d9b7b6829
16158d79abfa1a73a04bafb68da3f0a585fe3d1f85f3a064c48ed8f59d44ad1c
162b3317d85324d7c25c39af80a42ccdeea4b7a665e98a715738e2098f10d824
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17fe98143a64466708a79b1ffa676ee2c768384390f7671a5ee5b4c224295136
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463
1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7
20e1c33d7f108a6e534cb38611dcac52f2e6c6480bc2f8d2bfbfc532aab1e0f8
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2cc7b62cdb853f680c869e374b1d3f8319236bee5bc8ba430de527e1f4af1cc0
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
3aeba033d4f2bd0703a050b7282d982e7026a738c9bed8a6cbe9cbe1cdbb8bf9
42986d96f95240f56b65d73b4867947fc7111ffcea44c1fd3093f3a1052778f9
442a6f2369910c3da7e7b7dbf514421aab994d2b13e88e3fe76d677e982c5447
46367439a11ba0768567a8306130988e25a83e5fd782dbcb45e267d55c5e068f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4dbe9c2a3218d6b874a0662ab1486c9095f23b49c7d74dd22284a5062bef2ac9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
5415289624e0329e0190f00cc084175fc0e1ffa2b359a90345b3c902675fc225
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
6467001125b3d4ce07365fdf743cba5389948519ddec365b8bf0a97d51b9694b
657bf98782ddd44de005c5f31a7aac8e9ff97c51695dc0dbe759a106344bc903
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae5de5acee831856699a26e0bf1b8604c86aa86520468877ee2d6b78dc2b5d0
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6d3efe2add813f7a9ed963b9035bbdb8ec5dde4af14a2b4b2182b2e06a33deb6
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f4919e9f41f216e2b08f49df565838f3abb181682a4c5db2c695d9a591c0043
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090
7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221
7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7344b8e78bfba6e5edea74fc985ff1f3cfca381f0efc2c3ba58c7e4b87664c6c
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
76682e8cba253d256ac67cfc29c41351a9f6f4cf9a928a0e056e5ba9d1652d8e
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20
898a979bbff94b56c8e702c6119582a0463b6ad4819f5baa77b4901245700148
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
95dde140a2f8b01df7d7c63388a01b63bc5397a2b89b9b969f5c45b6c8488327
967c027aabceff90dd3e3611d4c9cc95bb835520c85a388bd29a7a0f524be236
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
977284b17a0c0a88cef72e05980643db08170c96649196526b1b7eb5925f08ce
990bd1078da63a9ef1d116ee6c63c57347e4444887b9875bbada38c33d4e393a
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9cd8a30f60bbe41b0bef677711421e212f254da66b1888a58bd99df2e696b448
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4c8b93bda11324a8af7e2cea5b32a4974c59e72eaa0de66288110f68bdd0d11
a66f54738a35c5f6b4a40fe2f668f04c9bffa50ca140aff93c7b47c2c495c2c0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
a81e95d7f6f0be2cc8b34e6ac1156e468f0e01b179241f596892ff1ea86a03e0
a866b1971b0c1324a03d0dab86329ba04a9020b9dbffd3bec147604b7662f58b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1c623024b1660a46120c4d3b1fbca685b72783376ae4045437bb47b54c281e
ab28248d912ddf19e451114e97f6268d835a76f1edb4b7bde07e828e3c5ce0f2
acb233d99ec46d33ce5e31af71997424691326520f037106b0a4dd66f37aeb55
b1331b8583c21d0dd94a74f7607d5a0f08857a047f8fbd2acd0be1f7dabf38f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3
b50152103713a9aa9e8c9ceaaecf49731736343fec4247a7439459b89fdf3aa5
b57672b8a627ac0c901d57d85207612467b1f7a4028fb2e4dd1a9fce4f3fb4cf
b66a59e4c23995652b5f0e0101c3b64009c8143d999cc58d7f14154f81d3d37f
b6d1cf2f024da2d5f38b39ffcf102a96bd2ffe0e57823be9ebc575eda29f8870
b8b285dc042fb3dd1a05bbf719c13619f2e5e1966eca10033a1852c2dfae9f8e
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c23bbec0e17044d397957cefa1e14af28e961351761b45ad33fc1d1af76d01eb
c582ba709c34c5b608b4779ecbd4b7415b847f040ae474a5bc2c2517aff97131
c6088039b372b387039f5665d828dde196b63dbc103042f071ed2136ed16e818
c6f9e409f4cc2819795476a140145f1c9aa739a20b4e28b26a88a67f5a144987
c722d43155880ad69d2c7d6d7e603b15cecb2f1a7a3a1687cf11fdce7f869b9b
c982dd07b1bb5e97929531d385fac654706de72c633197db9075b8abc8054e60
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb25550f365b8d1d764555ed0f66bc634fc803c8031f9dca22c3b45bf6dc882e
cbefb2421db07ea13d26ff340513e20cd86660ed6ae4cde14fa2f4df52e33965
ceb4320aea044e4f550608b78af04b1a71ec70384af554533ea24a5186f1b074
cf0b12f569969a564ec0a6bd146e88eaffd8fb10fbbfb461f4fc2754b346782e
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
d3829e4c88f1f13c181a821691f25f174deb57c21fb120adefe3f971c76c4f30
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
d8ac0fe694d069e764924717f5ed323ebd0759baeb61d29a10ceb8591a8ab950
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e5bde36a7eda36400f057562274c715a95bac9623b43d10c122166eb4ed98e25
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
ee2cf8fc95b93e84dfd115652a944258e28fcedee5da16bc825c1f496f22079c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ce14d854d9095b5099e0fc07e9c9d32e25491244fb6db051875f484a565e2
f47c3ef25a7aa936e3df70ce48e789008a1af3ae09c916f2767efff118299366
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f87e58d4ea5d34b4967e3c7a8c44087af84e9471bf43dbd0e36afd46eaac2cec
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

www.ukr.net Open in urlscan Pro 104.18.9.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

237 Requests

96 %HTTPS

50 %IPv6

30 Domains

53 Subdomains

51 IPs

10 Countries

2790 kBTransfer

7141 kBSize

39 Cookies

290 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ukr.net Open in urlscan Pro
104.18.9.128 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

96 %
HTTPS

50 %
IPv6

30
Domains

53
Subdomains

51
IPs

10
Countries

2790 kB
Transfer

7141 kB
Size

39
Cookies

237 HTTP transactions
6 data transactions